Schneier on Security

Clive Robinson • June 3, 2016 5:05 AM

@ K15,

Please explain how security works?

You did not ask which sort of security… Which makes the answer harder to understand.

At it’s lowest level security is about “correct functioning of a system when transitioning it’s states”. All systems exist in states and are designed to move from one desired state to another desired state under a set of rules of operation, that is the transition is also a state. Providing all the states are known correctly and all the rules correctly specified and implemented then the system will always be correctly functioning.

The problem with this is two fold, the first is that knowing all the states even in the simplest of systems is effectively impossible, the second is that as the number of rules increase so does the number of states.

So in effect security is a game of trying to find faults in a system, most frequently these faults are to be found in the transition states, which has not be correctly understood and thus specified.

As the thread is about lock picking, which is physical security, as an example consider the split pin in the barrel and body of a lock, on which the correct functioning of the lock depends.

As the pin is operated by the insertion of the key it moves against the preasure of the key and the preasure of the spring pushing the pin into the tumbler. At a given hight the split in the pin is at the transition between the barrel and the body of the lock. The assumption is that only with the correct key will the five or more pins in the barrel be at the correct position that all their splits align with the barrel / body transition and therefore the barrel can turn activating the latch etc.

The first thing you notice on examinimg locks of this type is that different metals are used for the pins and the body and barrel. The reason for this is a mixture of cost and reliability in many environments. A consequence of this is if the lock is over engineered it will “bind” up due to thermal and dirt issues. To prevent this the design has larger tolorences or “slop” to overcome the binding issue. The problem with the slop is it is, what enables the lock to be picked or profiled thus opened by others without access to the correct key.

To try to prevent picking and profiling various tricks have been tried over the years including puting “mushroom heads” on the faces of the pin split. The result is attackers look for new avenues of attack and generaly find them.

Unfortunately lock makers have an issue with the pins they can not get around which is the laws of physics. You have probably seen an executive desk toy called a “Newton’s cradle” where five heavy hard balls are suspended by pairs of threads. Where if you swing a ball up at one end and let go it swings back into the other balls and as if by magic the ball at the other end jumps off and compleates the swing and comes back thus the two end balls behave like a pendulum.

Well the science behind Newton’s cradle is what alows the pins in a lock to be “bumped” that is if you put in a correctly profiled key and hit it with the correct force the tops of the split pins will jump up against the springs and move into the body of the lock whilst the bottoms of the pins will remain in the barrel which means for a very short period of time the effect is that all the pins are split in a manner that alows the barrel to be turned. With practice people can get the timing right with just a few bumps and thus open the lock.

The way to reduce the susceptabilty of a lock to bumping is by designing the lock in such a way that applying sufficient force to the split pins is to difficult to do. That is you close the slop in the Newton state down making the transition state it occurrs in –hopefully– to slim to exploit. But this introduces other problems, which possibly open other attack routes, even if it is just a “Denial of Service” on the lock, causing other security measures to be changed untill it is repaired.

I hope that helps give you an idea of why security is both interesting and hard.