Homes, businesses and other critical infrastructure are often locked with outdated technology that offers only the appearance of security. While expensive lock systems may offer several minutes of penetration resistance, most locks can be breached by skilled thieves in seconds. Electronic locks can be bypassed without knowledge of the code, and master-key systems can be decoded.
Generally, a key or combination presents information to a lock. Using the tentative method of lock-picking, a lock-picker extracts other information from a lock in such a way to present an effective key or combination faster than using a brute-force approach. For instance, a lock-picker may bypass the presentation of a valid key. As an example, in a classic electronic lock, the combination can be compared to one or more valid codes. If the code is deemed valid, then a signal is generated to move a bolt by means of a servomotor. However, a lock-picker may bypass the need for a valid code simply by causing the bolt to move by a different trigger, such as, for example, independently energizing the solenoid.
The present disclosure describes, among other things, a way to actuate an electromechanical lock using one or more transducers according to cryptographically filtered information that is presented by one or more factors of authentication. This approach is in contrast to directly actuating a bolt or other locking mechanism, as is common with traditional electromechanical locks. In addition, the methods of unlocking an electromechanical lock described in this disclosure are accomplished without the lock having access to its access code. Unlike traditional electromechanical locks that store an access code in memory and compare provided key codes to the stored access code to determine if they are the same, the locks described in this disclosure do not store or otherwise have access to their access codes because authorizing a provided key code is not performed based on a comparison to an access code. Rather, the provided key code is used to generate movement instructions that either cause the lock's locking mechanisms to move to a position that unlocks the lock if the provided key code is valid, or cause the lock's locking mechanisms to a position that does not unlock the lock if the provided key code is not valid. As such, the locks described in this disclosure are less susceptible to hacking and unauthorized access because the information known by and/or stored by the lock, even if breached, would be of little to no use to a lock-picker.
This disclosure is not limited to the particular systems, methodologies or protocols described, as these may vary. The terminology used in this description is for the purpose of describing the particular versions or embodiments only, and is not intended to limit the scope.
As used in this document, the singular forms “a,” “an,” and “the” include plural reference unless the context clearly dictates otherwise. Unless defined otherwise, all technical and scientific terms used herein have the same meanings as commonly understood by one of ordinary skill in the art. All publications mentioned in this document are incorporated by reference. All sizes recited in this document are by way of example only, and the invention is not limited to structures having the specific sizes or dimension recited below. As used herein, the term “comprising” means “including, but not limited to.”
In an embodiment, an electromechanical locking system includes one or more moveable locking elements and one or more actuators configured to move each of the one or more moveable locking elements between a plurality of positions that comprise a locked position and an unlocked position. The electromechanical locking system also includes a receptacle configured to receive a key, a sensor, a processor; and a computer-readable storage medium. The computer-readable storage medium contains programming instructions that are configured to cause the processor to cause the sensor to scan the key and detect one or more features of the key when the key is inserted into the receptacle, identify a first code that corresponds to the detected features of the key, and apply one or more functions to the first code to yield a second code. The second code includes one or more characters, each of which corresponds to one of the plurality of positions. The processor causes the one or more actuators to move the one or more movable locking elements to the one or more positions that correspond to the one or more characters of the second code.
In some embodiments, the one or more actuators may be configured to move the one or more movable locking elements without any of the moveable locking elements being mechanically interconnected to the key.
In some embodiments, the processor may receive an instruction to enter a re-keying mode, receive a new key in the receptacle, cause the sensor to scan the new key and detect one or more features of the new key, identify a first updated code that corresponds to the detected features of the new key, based on the first updated code, identify a new value that the system will then use with the function to generate the second code upon presentation of the new key, and store the new value in a memory.
In some embodiments, the first code may not be stored on any memory device that is accessible by the processor when the key is not in the receptacle. In other embodiments, the first code may not derivable from any information that is stored on any memory device that is accessible by the processor.
In some embodiments, the sensor may include an optical sensor. The processor may cause the optical sensor to detect the first code that is encoded in an optical pattern of the key. In other embodiments, the processor may cause the optical sensor to detect one or more dimples cut into the key.
In some embodiments, the processor may obtain a salt value, append the salt value to the first code to generate a result value, hash the result value to generate a hashed value, retrieve an offset value, and apply the offset value to the hashed value to generate the second code. The processor may retrieve the salt value from a data store of the electromechanical locking system. The processor may retrieve the offset value from a data store of the electromechanical locking system.
In various embodiments, the processor may receive an instruction to enter a re-keying mode, receive a new key in the receptacle, cause the sensor to scan the new key and detect one or more features of the new key, identify a first updated code that corresponds to the detected features of the new key, append the salt value to the first updated code to obtain a new result value, hash the new result value to generate a new hashed value, determine a difference value equal to a difference between the hashed value and the new hashed value, generate a new offset value by applying the difference value to the offset value, and store the new offset value in a data store.
In some embodiments, an electromechanical locking system may include a power source, which may be a battery, a mains power supply, a battery located in a key, or a photovoltaic cell.
In an embodiment, an electromechanical locking system includes one or more moveable locking elements and one or more actuators configured to move each of the one or more moveable locking elements between a plurality of positions that comprise a locked position and an unlocked position. The electromechanical locking system also includes a processor and a computer-readable storage medium containing programming instructions. The programming instructions are configured to cause the processor to receive a first code, apply one or more functions to the first code to yield a second code, where at least a portion of the second code represents one of the plurality of positions for each of the one or more moveable locking elements, and cause the actuator to move the one or more movable locking elements to the one or more positions that correspond to the second code.
In some embodiments, the processor may cause an interface to read information from a magnetic stripe of a key to obtain the first code. In other embodiments, the processor may cause a reading device to read a printed memory label of a key to obtain the first code. In other embodiments, the processor may obtain the first code that is stored in a radio frequency identification tag of the key. In some embodiments, the processor may receive the first code from a user via a user interface of the electromechanical locking system. In some embodiments, the processor may receive the first code from an application residing on an electronic device associated with a user. In some embodiments, the processor may receive, via a scanning device of the lock, biometric data from a user.
In some embodiments, the processor may receive, from a first interface of the electromechanical locking system, first information, receive, from a second interface of the electromechanical locking system, second information, and derive the first code from at least a portion of the first information and at least a portion of the second information.
In various embodiments, the one or more moveable locking elements include one or more pins. The second code may include one or more characters, where each of the one or more characters corresponds to a position of one of the one or more pins.
In various embodiments, the one or more moveable locking elements may include one or more rotating discs. The second code may include one or more characters, where each of the one or more characters corresponds to a position of one of the one or more rotating discs.
In some embodiments, the processor may receive a key identifier associated with a key that is configured to unlock a plurality of electromechanical locks. The processor may use the key identifier to retrieve, from a data store, key information associated with the key. The processor may apply the one or more functions to the first code, the key identifier and at least a portion of the key information to yield the second code.
The following terms shall have, for purposes of this application, the respective meanings set forth below:
A “computing device” or “electronic device” refers to a device that includes a processor and non-transitory, computer-readable memory. The memory may contain programming instructions that, when executed by the processor, cause the computing device to perform one or more operations according to the programming instructions. As used in this description, a “computing device” or “electronic device” may be a single device, or any number of devices having one or more processors that communicate with each other and share data and/or instructions. Examples of computing devices or electronic devices include, without limitation, personal computers, servers, mainframes, gaming systems, televisions, and portable electronic devices such as smartphones, personal digital assistants, cameras, tablet computers, laptop computers, media players and the like.
A “key” means a mechanism that presents information to a lock, or that can be interrogated by a lock, for the purpose of gaining access to a resource that the lock protects. For example, a key may be an object the presents an access code to a lock by means of one or more of its physical characteristics, such as, for example, its shape. A traditional physical key is an example of such a key. A key may also be a device that a lock can interrogate to obtain information. A keycard having a programmed memory chip, a radio frequency identification (RFID) tag, a magnetic stripe, printed memory and/or the like are examples of such a key. A key may be information provided by a user to gain access to a lock. A biometric, a manually-provided password or access code and/or the like are examples of such a key.
A “lock” refers to a mechanical and/or an electromechanical mechanism for restricting unauthorized physical access to a resource. Examples of locks include, without limitation, a pin tumbler lock, disc detainer lock, a combination lock and/or the like.
A “resource” refers to an object, a location or other item or property that is protectable by a lock. Example resources may include, for example, doors, vaults, lockers, drawers, windows, automobiles, bicycles, and/or the like.
A lock 102 may also include or communicate with one or more sensors 110. A sensor 110 refers to a mechanism that detects information from a key. Example sensors 110 may include, without limitation, one or more optical sensors, electrical sensors, receivers, transponders, transducers and/or the like. A sensor may be part of the interface 108 and thus detect insertion of a key into the interface, or it may be a near-field or short-range communication sensor configured to detect when a key is proximate to the sensor by being within the sensor's communication range. In various embodiments, the sensor(s) 110 and moveable locking element 116 are not mechanically interconnected, which may prevent tampering with one or more moveable locking elements 116. As such, it is not mechanical interconnection between a key and moveable locking elements 116 that causes the moveable locking elements to change position. Rather, a locking system uses information obtained from a key to cause one or more actuators to adjust the position of the moveable locking elements.
As illustrated by
A lock may include one or more actuators 120. An actuator may be in communication with the processor of a lock, and may control the movement of one or more of the moveable locking elements 116 in response to one or instructions received from the processor. Examples of actuators include, without limitation, springs, levers, transducers, servomotors and/or the like.
In various embodiments, a lock 102 may be in communication with one or more electronic devices 112a-N via a communications network 114. The lock 102 may be managed, operated and/or controlled remotely via one or more electronic devices 112a-N. A communication network 114 may be a local area network (LAN), a wide area network (WAN), a mobile or cellular communication network, an extranet, an intranet, the Internet and/or the like.
A lock 102 may have a power supply 118, as illustrated by
The electromechanical locking systems described in this disclosure may be used in a variety of different environments. For instance, the described electromechanical locking systems may be used to lock one or more doors, windows or other access points in apartment complexes, universities, offices, hospitals, hotels, retail environments, homes, vehicles, and/or the like. The electromechanical locking systems described in this disclosure may be compatible with technologies that protect against key cloning such as, for example, code cycling technologies, cryptographic technologies and/or the like.
A key code refers to data presented to a lock via a key to gain access to the lock. In various embodiments, a key code may include an optical pattern. An optical pattern refers to an optical representation of data presented in a sequence or other pattern which can be read by an optical sensor. Examples of optical patterns include, without limitation, bar codes, Quick Response (QR) codes, data codes and/or the like. An optical pattern may be encoded on a key, embedded in a key or printed on a key. When the key is presented to a lock, such as, for example, via an interface of the lock, one or more optical sensors of the lock may detect the key code from the key. For example, when a key is inserted into a receptacle of a lock, the processor of the lock may cause an optical sensor to scan the key and detect one or more optical patterns.
As another example, a key code may be encoded as one or more physical features of the key. For instance, a key code may be encoded in physical features of a key such as dimples, indentations, or grooves that are cut into the key. The sequence or pattern of dimples, indentations, or grooves may represent a sequence or pattern of data representative of the key code. When the key is presented to a lock, such as, for example, via an interface of the lock, one or more optical sensors of the lock may detect the one or more dimples, indentations or grooves from the key to obtain the key code represented by such dimples, indentations or grooves.
In an embodiment, a key code may be one or more patterns of conductivity that is printed, cut or masked onto a key. For example, electronic functional ink may be used to print one or more patterns onto a key. The electronic functional ink may exhibit high conductivity. When a reader applies current to the ink, it may exhibit one or more patterns that represent a key code. Alternatively, one or more conductive elements, may be embedded in a key in a pattern that represents a key code. For instance, a key card composed of a plastic substrate may one or more conductive wires embedded into the key. When a reader applies current to the key, the conductive elements may exhibit one or more patterns representative of a key code.
When the key is presented to a lock, one or more electrical sensors of the lock may detect one or more patterns of conductivity to obtain the key code.
In an embodiment, a key code may be encoded as data into a magnetic stripe of a keycard. When the keycard is presented to a lock, a magnetic stripe reader may read the key code from the keycard. In other embodiments, a key code may be encoded within at least a portion of a QR code. In other embodiments, a key code may be contained within one or more micro-circuits of a key, such as a keycard.
As another example, a key code may be within a digital label of a key, such as a keycard. In certain embodiments, a digital label may be a printed memory label, such as Xerox Printed Memory. A printed memory label is a secure, printed electronic label that includes rewritable memory to store information. For instance, Xerox Printed Memory may store bits of data in the orientation of certain molecules in one or more layers of a printed memory label. When the key is presented to a lock, an interface of the lock may read the printed memory label to obtain the key code.
In an embodiment, a key code may be stored on an RFID tag of the key. An RFID tag may be an active tag, a passive tag, and/or a semi-passive tag. An RFID tag may be fabricated from silicon, printed circuitry and/or the like. When the key is presented to a lock, an RFID reader of the lock may obtain the key code from the RFID tag.
As yet another example, a key code may be provided by a user of a lock. For instance, a user may enter a key code via an interface of a lock such as, for example, a keypad or touchscreen. In an embodiment, a user may provide a key code to an application on a user's electronic device, such as, for example, a smartphone. The electronic device may send the provided key code to the lock.
In another example, a key code may be biometric data presented by a user. For example, a scanning device of a lock may receive biometric data from a user such as, for instance, an iris scan, a fingerprint scan and/or the like.
In yet another example, a lock may receive a key code from a remote electronic device over a communication network. For instance, a maintenance worker at an apartment may need to access an apartment to address an emergency and may not have access to a master key. Building security may remotely send a key code to unlock the lock or to temporarily authorize the maintenance worker's key to access the specific apartment. In another embodiment, building security may temporarily and remotely authorize the maintenance worker's key for the specific apartment.
In various embodiments, an electromechanical locking system may require multi-factor authentication to unlock the lock. In this situation, a key code may be information that is derived, compiled or aggregated from two or more different sources or interfaces. For example, an electromechanical locking system may include a keypad 300 and a magnetic stripe card reader 302 as illustrated by
A processor may obtain a key code using information collected from the multi-factor authentication methods. For instance, in the above example, a processor may obtain a key code by concatenating or combining at least a portion of the information received by the magnetic stripe card reader from a presented magnetic stripe card and the PIN received by the keypad. Additional and/or alternate data manipulation and/or processing techniques may be used within the scope of this disclosure to generate or obtain a key code. Moreover, additional and/or alternate sources of information may be used within the scope of this disclosure. For instance, an electromechanical locking system may include one or more of a magnetic stripe reader, a printed memory label reading device, an RFID reader, a smartcard reader, a combination entry interface, a keypad, a touchscreen, a biometric scanner and/or the like. For example,
Referring back to
In an embodiment, at least a portion of a proposed access code represents a position for one or more of the moveable locking elements of a lock. For instance, in various embodiments, a proposed access code may include one or more characters, such as numbers, letters, symbols and/or the like. One or more characters of the proposed access code may correspond to a position of a corresponding moveable locking element. For instance, a proposed access code may be “123”, where “1” corresponds to a position for a first moveable locking element of a lock, “2” corresponds to a position for a second moveable locking element of the lock, and “3” corresponds to a position for a third moveable locking element of the lock. Additional and/or alternate codes and/or positions may be used within the scope of this disclosure.
As shown in
A lock may append 502 the salt value to the key code to generate a result value. The lock may hash 504 the result value to generate a hashed value. Any suitable hashing technique, such as, for example, SHA-256 algorithm, may be used. In an embodiment, a lock may retrieve 506 an offset value. For instance, a lock may retrieve 506 an offset value from a data store of the lock or associated with the lock. The lock may apply 508 the offset value to the hashed value to generate a proposed access code.
In various embodiments, at least a portion of a proposed access code represents a position for one or more of the moveable locking elements of a lock. Referring back to
Unlike traditional pin tumbler locking systems (or other known locking systems), the actuators of the locking systems described in this disclosure adjust a position of one or more moveable locking elements without any mechanical operation of the actuators caused by movement or other engagement of a key. In other words, the key itself does not mechanically engage the actuators.
For example, the pin tumbler lock shown in
The pin tumbler lock may obtain the key code 2-2-2-1-3 as discussed above with respect to
The pin tumbler lock may obtain a salt value. For instance, the pin tumbler lock may have the salt value 1-1-1-2-3-2-3-3-3 stored in memory of its processor. The pin tumbler lock may append this salt value to the key code to generate a result value. In this example, the result value is 2-2-2-1-3-1-1-1-2-3-2-3-3-3. The pin tumbler lock may hash the result value, which may result in a hashed value of 3-3-1-2-2.
The pin tumbler lock may retrieve an offset value such as, for example, from its memory. In this example, the offset value retrieved by the lock is 1-3-1-1-1. Applying the offset to the hashed value yields a proposed access code of 1-3-2-3-3. In this example, each of these numbers represents a location of a corresponding pin of the pin tumbler lock as illustrated in Table 1.
As discussed above, the proposed access code represents a position for one or more moveable locking elements of the lock. For example, the processor of the pin tumbler lock may instruct the actuator(s) to move Pin 1 to a position represented by ‘1’, Pin 2 to a position represented by ‘3’, Pin 3 to a position represented by ‘2’, Pin 4 to a position represented by ‘3’ and Pin 5 to a position represented by ‘3.’ Because these positions correspond to the pin positions associated with the code to which the lock is keyed, the lock will open.
If an incorrect key is presented to the lock, however, the position of the pins will not allow the lock to open. For instance, an incorrect key having a key code of 2-3-2-1-3 may be presented to the pin tumbler lock from the above example. The lock may append the salt to the key code to generate a result value of 2-3-2-1-3-1-1-1-2-3-2-3-3-3. The lock may hash this result value to yield a hashed value of 3-2-2-3-2. Applying the offset value generates a proposed access code of 1-2-3-1-3. However, moving the pins to positions represented by this proposed access code will not allow the lock to open.
As evident from the above disclosure and examples, a lock is not aware of its own access code. In other words, an access code that unlocks a lock is not stored in a data store of the lock or in a data store that is accessible by the lock. In various embodiments, an access code that unlocks a lock may not be derived from information stored by the lock or by a data store that is accessible to the lock. The access code may only be available to a lock when the key is presented to the lock. For example, an access code that is stored by a key may only be accessible to the lock when the key is engaged with an interface of the lock, such as being inserted into a receptacle of the lock. As such, if a lock is electronically compromised, the information that is stored by the lock, such as, for instance, a salt value and/or an offset value, contain no useful information about any key's key code or the access code for the lock.
Even if a lock is mechanically compromised, and its access code is observed from inspection of its locking mechanism(s), the key code may not be uniquely derivable from the access code. As such, observation of the access code is useless for gaining access to other locks that could be opened by the same key.
It is noted that the above examples describe a pin tumbler lock with five key pins, each of which is selected from one of three lengths. However, additional and/or alternate number of pins and available lengths may be used within the scope of this disclosure. For instance, a lock system may use five key pins, each of which is selected from one of six lengths.
Similarly, although the above examples involve a pin tumbler lock, it is understood that additional and/or alternate locks may be used within the scope of this disclosure. For example, a disc detainer lock may be used where a proposed access code corresponding to the position of one or more rotating discs of the lock is determined. The lock then instructs one or more actuators to adjust the position of one or more rotating discs according to the movement instructions that correspond to the proposed access code.
In various embodiments, a lock may be re-keyed upon request by a user.
In an embodiment, the user may present 708 the lock with a new key. The lock may obtain 710 the key code from the new key. In various embodiments, the lock may determine 712 an updated offset value based on the key code from the new key. For example, the lock may append its salt value to the key code for the new key, and may hash the result value. The lock may determine a difference between the old hashed value for the lock and the new hashed value associated with the new key. The lock may then offset the offset value of the lock by the determined difference, and store the result in a data store. In an embodiment, the result may be stored in place of the offset value. As such, a lock may be re-keyed by offsetting the offset value for the lock.
As an example, a lock may receive a key code of 2-2-2-1-3 using a salt value of 1-1-1-2-3-2-3-3-3, which results in a hashed value of 3-3-1-2-2, which is then offset by an offset value of 1-3-1-1-1 to open the lock with an access code of 1-3-2-3-3. A user wishes to re-key the lock to authorize a key code of 2-3-2-1-3.
The user presents the lock with a new key, which the lock salts and hashes to obtain a hashed value of 3-2-2-3-2. The old offset value 1-3-1-1-1 is itself offset by the difference between the hashed values (1-3-1-1-1)+(3-3-1-2-2)−(3-2-2-3-2)=(1-1-3-3-1), and the new offset value 1-1-3-3-1 is stored by the lock. When the new key is presented to the lock, the salted key code 2-2-2-1-3-1-1-1-2-3-2-3-3-3 results in a hashed value of 3-2-2-3-2, which is offset by the new offset value 1-1-3-3-1 to obtain a proposed access code of 1-3-2-3-3, which opens the lock.
In various embodiments, a lock may be part of a master-key system. In such a system, a single key may be used to access multiple different locks. For example, an apartment building may utilize a master-key system. A key, such as one belonging to the building superintendent, administrator, supervisor and/or the like, may be used to unlock all apartment units in the apartment as well as any locks to common areas, such as, for example, lounges, exercise rooms or laundry facilities. As another example, a tenant's key may also be authorized to open more than one lock. For example, a tenant key may unlock the lock of the tenant's apartment, but also the lock of a common area.
In a master-key system, a key may be associated with an authorization level. An authorization level refers to an indication of the rights that are or are not associated with the key. For example, an authorization level may indicate that an owner has the right to create master keys or change keys. As another example, an authorization level may indicate that an owner does not have the right to create master or changed keys.
A master-key system, such as the one shown in
Key information may include an authorization level associated with the key and/or a parent code associated with the key. A parent code refers to an identifier associated with a parent key that created the key. The key information may also include a salt value associated with the key and/or an offset value associated with the key.
In various embodiments, a lock of a master-key system may apply one or more functions to the key code, the key identifier and at least a portion of the key information to generate a proposed access code. For example, a lock may combine the key identifier, the key code, the parent code and the authorization level to generate a preliminary result. The lock may append the salt value to the preliminary result to generate a first intermediate result, and hash the first intermediate result to generate a second intermediate result. The lock may apply the offset value to the second intermediate result to generate the proposed access code. In an embodiment, the lock may instruct one or more actuators of the lock to adjust a position of one or more locking mechanisms of the lock according to the movement instructions represented by the proposed access code.
When the lock is open, authorization of subordinate keys may be enabled, resulting in additions to the lock's data store. Or the lock may be re-keyed by appropriate changes to the data store.
Program instructions, software or interactive modules for providing the interface and performing any querying or analysis associated with one or more data sets may be stored in the memory device 920. Optionally, the program instructions may be stored on a tangible, non-transitory computer-readable medium such as a compact disk, a digital disk, flash memory, a memory card, a USB drive, an optical disc storage medium and/or other recording medium.
An optional display interface 930 may permit information from the bus 900 to be displayed on the display 935 in audio, visual, graphic or alphanumeric format. Communication with external devices may occur using various communication ports 940. A communication port 940 may be attached to a communications network, such as the Internet or an intranet.
The hardware may also include an interface 945 which allows for receipt of data from input devices such as a keypad 950 or other input device 955 such as a touch screen, a remote control, a pointing device, a video input device and/or an audio input device.
It will be appreciated that the various above-disclosed and other features and functions, or alternatives thereof, may be desirably combined into many other different systems or applications or combinations of systems and applications. Also that various presently unforeseen or unanticipated alternatives, modifications, variations or improvements therein may be subsequently made by those skilled in the art which are also intended to be encompassed by the following claims.