A Riddle about an Electronic Door Lock

[Kerim]

To know when it is time to explore my solution with you for this special case, I guess I have to wait for 3 requests in the least (obviously a 'like' is equivalent to a request ).

 

[Kerim]

So far, there are 2 'likes'.
I think I have to prepare myself since now... for the coming interview which will be, supervised by 3 scientific serious judges in the least

 

[Tony Stewart]

One way to make it harder for someone to copy what was seen on a number keypad is to use a keypad cover that obscures the view of the keys.

 

[Kerim]

One way to make it harder for someone to copy what was seen on a number keypad is to use a keypad cover that obscures the view of the keys.

Indeed, it is a good solution (for instance, Reloadron said it too on post #15).

As I pointed out on post #1, I had to use a conventional 4x3 keypad as it is. Sorry, I guess I had to be clearer and added... whose keys were visible. After all, it won't be a riddle related to programming

 

[Tony Stewart]

So the observer's skill to replicate sequence and timing is needed to unlock this secret.

 

[Kerim]

So the observer's skill to replicate sequence and timing is needed to unlock this secret.

Yes, it is something like this.

But it is also simple for kids who used sometimes checking their friend's skills to open the door as they did. As expected, none of their friends succeeded (otherwise, I had to find another solution).

 

[Kerim]

By the way, the end purpose of this thread is simply to show, by a real example, the validity of a saying which most members here heard of: “Necessity is the mother of invention (or innovation)”.

I don’t exaggerate if I say that no one here is less intelligent than I.

Finding the solution here that satisfies the given conditions above is somehow, for most of you if not all, just playing a sort of intellectual game for fun. But it was a ‘Necessity’ to me.
In my turn, I won’t be surprised when I have no idea about solutions (in one field or another) which could be discovered by others, and I didn’t have a real need to think of, anytime in my life.

 

[Tony Stewart]

But it is also simple for kids who used sometimes checking their friend's skills to open the door as they did.

So you are suggesting that your kid's friends were not as smart as an adult with Engineering skills who would be able to copy and open it or there is some other secret involved not visible to this thread so they would not be able to open it.

- like waiting a predetermined time before pressing "open" key

 

[Kerim]

- like waiting a predetermined time before pressing "open" key

You are on the good track, but it is not exactly this.
As I mentioned earlier, timing has a role... but the question was what could be done to let opening the door be simple and robust at the same time

(By the way, even my adult friends couldn't make it too. I mentioned the kids to just show that it worked even if the user was a kid.)

 

[Kerim]

It seems that all those who read this thread (its riddle and the posts related to it) couldn’t believe that an acceptable solution can exist (as it was the case about the existence of a simple reliable demodulator for a DSB-SC signal ).

So, I guess, no one around here has a good reason to add a third request (or a 'like') just to hear a solution which, to him,, cannot satisfy, for sure, the conditions of the riddle.

One way to convert the disbelievers to believers is by revealing clearly the solution (actually the algorithm which receives the pressed keys).

Let us suppose the secret 6-digit code is 831754.
If the user, at the door, is alone, he just needs to press ‘Start’, 8, 3, 1, 7, 5 and 4 followed by ‘End’.
If he has a company, the lock system allows him to extend the code up to 12 digits (if not up to 15 digits).
Here are three examples of an extended code:
‘Start’, 1, 8, 3, 9, 0, 1, 7, 4, 6, 5, 4 and 2 followed by ‘End’.
‘Start’, 4, 7, 8, 4, 3, 1, 7, 5, 2, 4, 0 and 1 followed by ‘End’.
‘Start’, 8, 5, 1, 3, 7, 1, 7, 4, 5, 6, 0 and 4 followed by ‘End’.

Most of you, if not all, likely noticed how the algorithm works.
After activating the system of the door lock by pressing ‘Start;, the system ignores any pressed key till it gets the 1st digit of the secret code (here '8'). Similarly, this is repeated for the remaining 5 digits. After the reception of the last digit, pressing ‘End’ opens the door. But this is not the end of the story

The extended code should be entered during a limited period of time. It was, if I remember well, 7 or 8 sec. And for a key to be accepted, it should be pressed for not less than 200ms.

The ‘Start’ key also activates the doorbell. If no other key is pressed afterwards, the system simply shuts off at the end of the limited time. Otherwise, before returning to the standby state, it activates once more the doorbell but for a longer time to signal there is someone at the door who tries to open it (unless the right code was entered, and the door was opened by the ‘End’ key).

In these days, the strokes could be recorded by a hidden mobile, if not by a tiny video camera. But there will be also the need to memorize well a rather long sequence in order to repeat it rather quickly without pauses. And this possibility didn’t exist in the 80’s, in my city in the least.

Kerim

 

[Tony Stewart]

Congrats, you have a clever solution. I dismissed this idea.
It fails the criteria "passkey should be not more than 6 digits", when you describe the passkey as the "observed passkey" (which includes dummy keys).

I had similar ideas excluded such using N key rollover with dummy sequences created by the order of the key released rather than one pressed first. This is always the cause of typing errors when the 3rd letter is transposed with the 4th. But this is harder to avoid errors.

Certainly adding false entropy is the best solution but it might not stop a heavy foot or door kick...

So I give your solution full marks with the redundant extra key method.

 

[Kerim]

It fails the criteria "passkey should be not more than 6 digits", when you describe the passkey as the "observed passkey" (which includes dummy keys).

But it is still not more than 6 digits to be memorized by the user, right?
Choosing the extra digits and where to insert them depends on the talent of the user.
I noticed that kids were not less talented in this field than their adults, me included

 

[Kerim]

Certainly adding false entropy is the best solution but it might not stop a heavy foot or door kick...

This is very true.

 

[rjenkinsgb]

the system ignores any pressed key till it gets the 1st digit of the secret code (here '8'). Similarly, this is repeated for the remaining 5 digits.

Does that not mean that someone knowing the system could just press every key in sequence, repeatedly, and the correct one from each 0-9 set would be accepted??

 

[Kerim]

Does that not mean that someone knowing the system could just press every key in sequence, repeatedly, and the correct one from each 0-9 set would be accepted??

Good remark.
Obviously, I also thought about this. But let us re-think about this possibility.
One has 8 sec to enter the code. And for a key to be accepted, it has to be pressed for not less than 200ms.
And, from which key he will choose to start and in which direction? This had to be considered every time I decided on a code.
Let us take, for example, the given code above, 831754. If he will start from 1 and upwards, he will reach the key 8 after 8 entries. If he continues, he will reach the key 3 after another 5 entries and there are 4 digits to be entered.
If he will start from 0 and downwards, he will reach the key 8 after 3 entries. If he continues, he will reach the key 3 after another 5 entries, the key 1 after 2 entries, the key 7 after another 4 entries, the key 5 after another 2 entries and the key 4 after one entry. The sum is 17 entries. And let us suppose he is skilled to do this in 8 sec (since this code which I chose here just to explain the algorithm, is not good). He still doesn't know for sure when to stop (for not knowing the last digit of the code) and press the 'End' key.
Anyway, for fun, some friends tried what we are talking about now in many different ways and couldn't open the door

 

[rjenkinsgb]

It's very good for the original application and an ingenious concept, but not an inherently secure system overall, as you have described it.

As described, someone could enter anything from 24 to 30 digits within eight seconds before pressing End, which would give a good chance of bypassing it with a few up, down and up-down attempts.


Some very trivial mods could make it totally secure (within the limits of a six digit code) by adding an increasing lockout time after two or more wrong code entries and eg. no more than two "false" digits between valid digits?

I cannot then think of any possibly key-entry bypass or crack; mechanical bypass would be the only option.

Just don't have access to the solenoid wires possible by pulling the keypad off, like some big-name commercial ones do!

(One of my side-hobbies is messing with locks etc., so I tend to be rather keen on things like this, and like exploring what possible flaws or weaknesses they have, it's not personal
There are very few commercial locks I consider really secure; many common ones are truly abysmal).

 

[Kerim]

It's very good for the original application and an ingenious concept, but not an inherently secure system overall, as you have described it.

As described, someone could enter anything from 24 to 30 digits within eight seconds before pressing End, which would give a good chance of bypassing it with a few up, down and up-down attempts.

Some very trivial mods could make it totally secure (within the limits of a six digit code) by adding an increasing lockout time after two or more wrong code entries and eg. no more than two "false" digits between valid digits?

Please feel real free anytime you talk to me (but we can't be sure about others). I personally have no red lines
I appreciate your interesting valid remarks.
You know, if I will produce again, in these days, an advanced door lock (which is unlikely to happen), there are many other things to be considered before I design it.

I cannot then think of any possibly key-entry bypass or crack; mechanical bypass would be the only option.
Just don't have access to the solenoid wires possible by pulling the keypad off, like some big-name commercial ones do!

My old door lock had two parts; an external keypad under which an MCU sends, serially, on two wires what represents the pressed key, and an internal controller, supplied by 4 AA batteries, for all other tasks. If I remember well, I even encrypted the serial bit stream between the two parts (as if the door was at NASA ).

 

[Pommie]

Where did my post go?

Mike.

 

[rjenkinsgb]

My old door lock had two parts; an external keypad under which an MCU sends, serially, on two wires what represents the pressed key, and an internal controller, supplied by 4 AA batteries, for all other tasks. If I remember well, I even encrypted the serial bit stream between the two parts (as if the door was at NASA ).

That's waaay better than the majority of commercial smart locks! And many mechanical locks, come to that!

Have a look at these, they are quite amusing in how bad the are:

 

[Kerim]

That's a dangerous assumption. I can name a few poster that appear to be much less intelligent than you.


Mike.

They may have less knowledge than mine in certain fields in which I am interested. As I likely have less knowledge than what they liked to learn and experience.
The human intelligence is supposed to help humans complement each other by having interests in many different fields.

 

[Tony Stewart]

I recall in 1970 the University Engineering maintenance staff would drill a small hole in the back of old locks in a special location to remove them, then years later losing my Audi car keys on a golf course and calling a locksmith who made a duplicate key in minutes with a small file and vicegrips. Now I rarely lock my Mercedes SUV or our home from no fears. It's a late model and the house has no profitable items to me.

 

[Kerim]

deleted, it was a replica

 

[Tony Stewart]

I admire Kerim's design for its complex security with simplicity in an adverse environment. The simplest solutions from out-of-the-box thinking and creative choices are my favourite memories.

 

[Pommie]

I don’t exaggerate if I say that no one here is less intelligent than I.

Do you realise that "no one here is less intelligent" means everyone is more intelligent?

My post above appears to have disappeared but your reply (#38) quoting it remains.

Mike.