Lock picking is a fairly common hobby and staple skill in some professions, e.g. locksmith and pentesting/red teaming.
I follow a few different people on social media that do lock picking or pentesting, e.g. the lock picking lawyer on YouTube.
It’s fairly common to see various “pick proof” lock design videos. Or rather, lock pickers that pick these supposedly “pick proof” locks.
Well, I’ve got a design concept for a more serious pick proof lock that I’m willing to bet few lock pickers would even be willing to test. So, without further adieu, here goes…
The type of lock for my design concept doesn’t particularly matter. Any lock and key can be designed with my modifications. With a few caveats… (There are always conditions!) For example, this sure as guns ain’t gonna be a cheap lock, and the keys sure as guns ain’t gonna be cheap either!
For a full understanding, you’ll need to read to the end as I’m also outlining how to defeat different aspects of this design concept.
The design relies upon several elements:
- Sensors for each pin
- Keys made of hardened, tough steel, e.g. SV110, D2, M390, etc.
- An extension at the end of the key that pokes into a hole/button that activates the lock
- An RFID chip that uses the body of the key as an antenna
- A sensor that detects the magnetic properties of the key, which is determined by the type of steel used for the key, e.g. brass keys aren’t magnetic
- An RFID device that reads the RFID chip in the key if certain conditions are met
- “Blow holes” in the face of the lock that open under certain conditions
- A “zapper” circuit that electrifies the key to deliver an electric shock
- A circuit that triggers the “blow holes”
- Space for a container of compressed pepper spray or mace
- A power source
Rather than describe each element, I’ll walk through the unlock procedure and the picking procedure.
When the authorized/proper key is inserted, the (#3) extension pushes into the activation hole/button. If this is not triggered, the lock will not open. So, if that is triggered, the lock then becomes “active”.
When the lock is active, the (#1) sensors detect whether or not all pins are correctly in the “open” position. If they are, the (#5) magnetic sensor detects if the key is the right type of steel. If it is, then the (#6) RFID reader reads the (#4) key’s RFID chip to detect if the key/user is authorized.
If the RFID passes, the key metal passes, and the pin positions are correct, then the lock can be unlocked.
If the lock is activated (#3), then the “deterrents” are also activated. If any of the “open” conditions fails, then the defensive measures (#7-#10) are activated according to the designer’s preferences, e.g. send a small electric shock (#8) or spray the intruder with pepper spray (#9 & # 10). Further, don’t unlock the lock, DUH!
DEFEATING THIS DESIGN CONCEPT
First, the lock must be activated as per #3. This make traditional lock picking impossible. To defeat this, a special “pick” must be created specifically to activate the lock. However, this requires physical space that is scarce, so that pick must be made of a very high quality steel because it must be very thin in order to allow other picks into the lock. Further, it must meet the magnetic requirements of the magnetic sensor. However, let’s assume that the designer allows for this to “pass”, i.e. for the lock to be activated with no pins pushed and no RFID check.
If those conditions are met, the lock picker must then simultaneously (or nearly simultaneously) push all pins into the correct position. This is virtually impossible, but let’s assume it can happen.
So next, assuming activation AND all pins correctly in position and the activating pick and the pin picks are magnetically correct, the key must also pass the RFID test. At this point, it’s simply practically impossible.
The RFID check can be keyed to specific individuals. That is, a proper key can have RFID signatures for multiple users. This can be programmatically changed so that keys can be issued to MANY people with individual signatures.
Now, let’s assume a rogue, fired employee. That employee’s key’s RFID can be “blocked” in the lock programmatically. So if the employee gives their key to a bad actor, it won’t work and the bad actor will receive a shock or a face full of pepper spray.
For the “rogue key” to work, the key would need its RFID to change. This is possible. But extremely difficult as the bad actor would need to find the rogue employee, get the key, steal an RFID from a legitimate employee, and then reprogram the key’s RFID, for which there are countermeasures.
Yes, this design can be defeated, but the effort to defeat it is by far much more than any other design out there that I know of, especially when combined with bio-id such as fingerprint, facial recognition, and voice recognition. Throw in video surveillance and manual authorization by a security guard, and the chances of this system being defeated is near zero.
So, there you have it. An “unpickable”, pickproof lock.
I would LOVE to hear what other professionals in the industry think about my design concept.
I think the top objections are that it would be extremely expensive to implement, e.g. the steel for the key alone would be expensive and push the price of the key above $100 USD, and that the legality and litigation risk would also present issues. However, if we ignore expense and legal issues, then I think we have a winner.
