Keys & Locks

Overview

Locking the door is one of the easiest methods of securing our house, offices, and other important spaces. Standard locks are vulnerable to attack from lock picking or more crude methods of breaking in. In addition to securing computer systems digitally, students should consider how computers are physically secured.

Purpose

Understand locks as systems and understand how they work to understand how they might be exploited. This is another analogy to computing systems in finding potential vulnerably by understanding the way the underlying system works.

Objectives

Students will be able to:

• Understand the vulnerabilities of a standard lock set.
• Identify additional security measures to secure a room or building.

Preparation

Links

• For the Teacher
• For the Students
  • https://art-of-lockpicking.com/how-to-pick-a-lock-guide/
  • https://en.wikipedia.org/wiki/Lock_bumping

Vocabulary

Teaching Guide

Getting Started:

• Podcast: 99% Invisible - Perfect Security
  • http://99percentinvisible.org/episode/perfect-security/

Activity:

• Research how pin & tumbler locks work.
• Research how bump key works
• https://toool.us/education.html

Activity:

• Look at the pin guides provided by Devian Ollam
  • https://github.com/deviantollam/decoding
• Using those overlays and a photo editor, try to work out the pin settings for a key with only a photo.
  • Examples in this video: https://www.youtube.com/watch?v=AayXf5aRFTI starting at around 13:00.
• Example key images
  • key1.jpg
  • key2.jpg
  • key3.jpg
  • key4.jpg
  • key5.jpg
  • key6.jpg
  • key7.jpg

Activity:

• Read about TSA lock sets being leaked
• Write a response (blog?) on the consequences of including a “back door” to a lock.

Wrap-up

Discussion:

• With the weaknesses of locks, why do we still use them?
• What is the downside to breaking in with a lock pick… how might you be caught?
• What could be done to strengthen security of locks?

Video:

• Scam School - Lock Picking
  • https://www.youtube.com/watch?v=WpH_t0u5Ybg

Assessment Questions

Extended Learning

• 3D Printing: TSA Master Lock Sets
  • https://3dprint.com/143860/tsa-master-keys-hacked-again/
• Door Security - Shakacon
  • https://www.youtube.com/watch?v=4YYvBLAF4T8
• SANS ICS Security Summit 2017 - Same talk as above but more information… no swearing.
  • https://www.youtube.com/watch?v=qg-zK2zv4ng
• Source Conference - 2010
  • https://www.youtube.com/watch?v=vxXryID5F7M
• Another video of getting duplicating keys from a photo
  • https://www.youtube.com/watch?v=SO0Y0HLvvpA

    Standards Alignment

License

Cyber Security Curriculum is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.