Robot Safecracking

Robots can crack safes faster than humans—and differently:

So Seidle started looking for shortcuts. First he found that, like many safes, his SentrySafe had some tolerance for error. If the combination includes a 12, for instance, 11 or 13 would work, too. That simple convenience measure meant his bot could try every third number instead of every single number, immediately paring down the total test time to just over four days. Seidle also realized that the bot didn’t actually need to return the dial to its original position before trying every combination. By making attempts in a certain careful order, it could keep two of the three rotors in place, while trying new numbers on just the last, vastly cutting the time to try new combinations to a maximum of four seconds per try. That reduced the maximum bruteforcing time to about one day and 16 hours, or under a day on average.

But Seidle found one more clever trick, this time taking advantage of a design quirk in the safe intended to prevent traditional safecracking. Because the safe has a rod that slips into slots in the three rotors when they’re aligned to the combination’s numbers, a human safecracker can apply light pressure to the safe’s handle, turn its dial, and listen or feel for the moment when that rod slips into those slots. To block that technique, the third rotor of Seidle’s SentrySafe is indented with twelve notches that catch the rod if someone turns the dial while pulling the handle.

Seidle took apart the safe he and his wife had owned for years, and measured those twelve notches. To his surprise, he discovered the one that contained the slot for the correct combination was about a hundredth of an inch narrower than the other eleven. That’s not a difference any human can feel or listen for, but his robot can easily detect it with a few automated measurements that take seconds. That discovery defeated an entire rotor’s worth of combinations, dividing the possible solutions by a factor of 33, and reducing the total cracking time to the robot’s current hour-and-13 minute max.

We’re going to have to start thinking about robot adversaries as we design our security systems.

Posted on July 31, 2017 at 12:19 PM32 Comments


Anon July 31, 2017 1:01 PM

If you have not already been thinking about automation then you have not been doing security.

Uthor July 31, 2017 1:28 PM

Just have the person opening the safe divide by zero as a final step. That would cause any robot attackers to self destruct.

AJWM July 31, 2017 2:38 PM

Anyone else put in mind of the gizmo Bond used to crack the safe in the film On Her Majesty’s Secret Service back in, gosh, 1969?

(And wouldn’t “brute forcing” a safe be more likely to involve drills and/or explosives? 😉 )

R July 31, 2017 3:56 PM

@AJWM: Yep. Bond.

Oh, and brute forcing refers to trying all possible solutions.

You know, back in college in the 80s, I rented a house with a combination lock on the garage. Landlord didn’t have the combo. I used the same technique. There’s 40 digits, three numbers, 64,000 combinations. But you can try all possible 3rd numbers in the same run, quite quickly, by turning the dial slowly and pulling the lock up and down real fast. Takes you down to 1600 combinations. But those 40 digits… Well the dial may have 40, but the underlying hardware doesn’t. That’s why if you use numbers close to the target the lock often opens easier than with the actual combination. So figure trying every 2.5 numbers. Now you’re down to 16 tries per digit, 256 total runs. If you can make a good guess for either of the first 2 numbers… Well I had the lock open before my landlord finished walking around the house. People get freaked out so easily…

Jim K July 31, 2017 5:05 PM

Richard Feynman had a lot of fun with the safes whilst building the first atomic bomb. A similar process of deduction, brute force and showing off I seem to remember.

Nicholas Weaver July 31, 2017 8:12 PM

Calling this a “safe” is really a joke: these SentrySafe designs are so weak you basically can look at them with a crowbar and they open.

Real safes, among other things, are designed to resist brute force. My (UL listed Residential Security Container) safe uses a digital pad with 6 digits. After 5 tries it has a 2 minute lockout. A real dial-based safe on the dial won’t have nearly so much slop in the dial.

Jonathan Wilson July 31, 2017 8:25 PM

I would like to see these guys try the same trick on a safe with a Sargent & Greenleaf UL 768 Group 1R dial combination lock. Bet it would take a LOT longer than it did on such a crappy safe (SentrySafe has the same reputation among security experts and locksmiths as Master Lock which isn’t surprising given that Master Lock owns them)

Russ August 1, 2017 2:38 AM

Reminded me of the Feynman story too 🙂 Surely you’re joking Mr F shares an infectious attitude that stays with you…

wumpus August 1, 2017 10:52 AM

The biggest takeaway I remember from the Feynman safe stories were the reaction to those safecracks. When Feynman pointed out that leaving a safe open with the last position keyed meant he could crack the safe in seconds (similar to “the landlord hasn’t finished his rounds”) instead of minutes, the response (from the Generals who were presumably considered experts in “security” at the time) was to ban Feynman from being near the safes.

Feynman was sufficiently unimpressed to include it in his “sure you are joking” books. I’d expect a rant or two occurred during the drive from Los Almos to LA with Fuchs (the card carrying communist and spy at Los Almos, and yes that drive did take place. In those days “if you drive alone you drive with Hitler”).

Jeremy Reeder August 1, 2017 12:16 PM

An interesting project, but your opening statement is incorrect, Mr Schneier. I routinely open those manually in half an hour. Expert human safecrackers have perfectly good ways of magnifying small measurements, as well as other ways of detecting what we call “false gates” in the wheels.

Sam August 1, 2017 3:51 PM

Safe cracking machines are known for decades. The old way was to have a mechanical time delay where the handle is only activated after the timer winds down. Today’s high security locks are digital, look at the X-10. A digital countermeasure is a random gain between the dial and the entered number, that way you have to use computer vision on the screen instead of a encoder.

Ari Trachtenberg August 1, 2017 4:22 PM

I don’t see why these locks need to remain mechanical … put an electronic master connected to an actuator and you can they throw all our software expertise at the problem.

Wael August 1, 2017 11:34 PM

Robots can crack safes faster than humans

Robots can do almost anything faster than humans can.

We’re going to have to start thinking about robot adversaries as we design our security systems.

Depends on the design philosophy we adopt 🙂

David Khoo August 3, 2017 5:05 AM

Note that this actually is not a serious issue, because even safes rated as Class TRTL-60 by UL laboratories can only last 60 minutes under attack from power tools, and most consumer safes are rater lower than that. Taking more than one hour to crack the safe with a complex safecracking robot is immaterial when the safe will fail in a shorter time with cheap tools you can buy in any hardware shop.

bob August 3, 2017 5:37 AM

@David Khoo

There’s a pretty major difference between opening a safe without anyone knowing to tearing it apart with power tools.

Clive Robinson August 3, 2017 6:32 AM

@ David Khoo,

Taking more than one hour to crack the safe with a complex safecracking robot is immaterial when the safe will fail in a shorter time with cheap tools you can buy in any hardware shop.

These days it would have to be a very very cheap safe — Like a bedsode gun safe, or fire retardent home office safe– not to have the likes of re-lockers and other anti-tamper devices that trigger by vibrarion or will compleatly bind up “cheap tools you can buy in any hardware shop”.

The real point of the demo was to show that old mechanical locks have realy had their day, when it comes to security.

However because most people do not understand the ins and outs of “electro-mechanical” they screw up the design of simple electronic locks. But it takes a real screw-up code cutter with marketing droid ambitions to design in WiFi / Bluetooth so all the world can play with your lock…

Clive Robinson August 9, 2017 12:28 AM

@ Mike Amling,

So, the safe may be seen as protection against fire, but not against burglars?

That’s sort of true for most “Fire Safes”.

Underwriters Laboratory (UL) rate security and safety decices in a similar way, which is “How long for XXX to withstand YYY”.

So a basic rating of an hour is how long it would tke either the heat of a fire to damage the contents of a safe or similarly how long it would take a burglar to get to the contents.

The point most people forget is that there is no fire proof any thing likewise there is no burglar proof anything. That is the devices are only designed to provide protection for a period of time before human responders turn up. The devices are “a delaying tactic” not a “stopping tactic”, and for the tactics to be effective you have to have other mechanisms in place such as alarm systems watchmen etc.

So for those thinking of buying a safe or other “delaying tactic” safety or security device, you might be better off spending money on an alarm system first. Oh and prior to that a good set of locks for doors and windows etc.

Clive Robinson August 9, 2017 1:08 AM

@ Bruce,

We’re going to have to start thinking about robot adversaries as we design our security systems.

That would be a mistake, as humans give words/names powers that the objects they refer to may not have, or are misnamed as. Thus we end up “thinking in silos” that relate to a word/name rather than thinking in a broader more objective way.

The reality is that the object is a relatively simple piece of machinery that is instrumented running a computer program. Most house holds in the western world are full of such devices, the most obvious of which are the clothes and dish washers and microwave ovens. Even the home heating system is such a device.

These devices appear as a logical consequence of improvments in technology.

Look at it this way, what’s the difference in real terms between the man that comes around to do a bit of handy work and a so called cyborg? From a security perspective little or nothing.

However if a crime is committed by the handyman it’s not realy of interest even to the police unless the value of the goods taken are above a certain limit. If however the same crime was committed by a “cyborg” it’s an almost certain bet you’ld have Pres Trump tweeting about the dangers of “Bygorcs” at 4AM the following morning.

But appart from the “Scary C word” -v- the “Mundane H word” the reality of the security story is you let someone in your house and they broke an implicit trust that they would not take anything they had no entitlment to.

It’s not Cyborgs or Robots or other scary words that make the difference, but an expected improvment in technology, which few take the time to acquaint themselves with. Which has the side issue of human perception giving the wrong risk probabilities to the issue. We know where that can lead, because we have the DHS as a prime example…

Wael August 9, 2017 6:22 PM

@Clive Robinson,

That would be a mistake

I’d say it’s a potential slight inaccuracy, coming from a proponent of: Terrorists don’t do movie plots 🙂

because we have the DHS as a prime example…

Before you know it, it’ll be replaced by a DCS; Drones of CyborgLand Security. It’s already happening.

Dirk Praet August 10, 2017 5:03 PM

@ Wael

Before you know it, it’ll be replaced by a DCS; Drones of CyborgLand Security.


I think it’s even more likely that they will just create it on top of the DHS. It’s the Belgian approach to government: the only way to ensure that everyone gets his piece of the pie but no one is ever accountable for anything is by making sure no single person or entity is ever in charge of anything. This is achieved by thinly spreading authorities and responsibilities over six different administrative levels that are preferably not talking to each other, so nothing ever gets done and no one can take either credit or blame for it.

Although this is not a particularly effective or efficient system, the primary goal is to achieve political stability by minimizing both accountability and change, in other words to perpetuate the existing system of governance and preserve the ruling class’s fragile status quo. As a side-effect, a sudden rise of populists is made impossible as there is no way they can take over all administrative levels in one election, and across the politically shattered regional and linguistic divide. A gradual power grab by corporate entities has equally been made impossible by outlawing 3rd party funding of parties and candidates. (You guys should consider that one too)

And then whenever something goes really wrong, everyone can put his hands in the air, no blame can be attributed to anyone (except particularly hateable, low-ranking sacrificial scapegoats), and the formal investigative committee will recommend the creation of yet another administrative body to appease a generally clueless electorate, sending out a strong message that the system has worked like intended and in the light of recent events will now be made even more resilient.

Rod Oden August 13, 2017 6:07 PM

I saw the video and my hat is off to the fella that recreated an autodialer. Back in the 80’s I used an ITL1000 autodialer. It used the same techniques to open Sargent & Greenleaf and LeGard Group II safe locks. The tolerance in Group II locks is so sloppy that a number below or above the designated combination will work. Group II locks are found on commercial and gun safes and are more than adequate for small businesses and homes.
The Sentry Safe that was used offers far less security and can be opened in less than 15 seconds by hand drill or almost immediately by using a pry bar. It is a good safe to protect important documents like birth certificates, pink slips, deeds, etc.
At one time the US Government used Group II locks to secure classified information. Realizing weaknesses in their Group II locks, a safe company came up with a Group I lock that had much tighter tolerances so a combination one number below or above wouldn’t work. Still half numbers would work, for example if a combination was 45, 44-1/2 or 45-1/2 had a good chance of working. The company wanted the US Government to stop using Group II’s and start using the new improved Group I. The government asked who knew about the weakness and when it was discovered only the safe company they weren’t interested as they still had a reasonable perception of security.
To move the new Group I locks, it became necessary to educate the physical world of the new found weakness. An overt statement from the safe company would have raised the government’s ire and possibly placing the safe company of the blacklist. Covertly a small anonymous pamphlet title “The Art of Manipulation” was openly distributed for free. In it the techniques were described on how to surreptitiously open Group II locks. The pamphlet made it clear that the Group I lock was impervious to this attack. Once the government picked up a copy they immediately contacted the safe company needing to phase out the Group II locks for the new Group I type.
This is a constant theme in selling security hardware to Government: sell them the product, disclose weaknesses to the community, then sell them revisions and without having to address the original defect, or be held liable!

PS November 16, 2021 4:20 AM

Any security system a human can make a human can break. Usually another human. The creator of infosec, or physical security, whether encryption or etc., is usually blind to vulns in their work. Another mind can often see the vulns the creator missed.

PS November 16, 2021 7:36 AM

In electronics and mechanical things there’s a phenomenon known as resonance.
Energy is transferred most efficiently between 2 things when they are in resonance.
You’re using an electric mixer in your kitchen. Nearby on the same counter is a container of spoons that rattle loudly when the mixer is at a certain speed. That’s an example of resonance.
The motor and gear train of the Kaba Mas X-Series of combination locks will have a resonant frequency or frequencies.
Something that vibrates at that frequency may transfer enough energy to rotate the motor or gears, allowing the lock to be opened without even touching the lock.
That vibrating something may be a portable, battery-powered orbital sander, that’s modified by adding a speed control, to permit the vibration frequency to match the resonant frequency of the motor and/or gear train of the Kaba Mas X-Series of combination locks.

PS November 16, 2021 7:40 AM

The sandpaper must be removed from the sander, use the rubber foot of the sander to transfer the vibration to the door of the safe, filing cabinet, etc. on which is mounted a Kaba Mas X-Series combination lock.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.