- Lock bumping
Lock bumping is a
lock picking technique for opening apin tumbler lock using a specially-crafted "bump key". One bump key will work for all locks of the same type.History
In the 1970s, locksmiths in Denmark shared a technique for knocking on a lock cylinder while applying slight pressure to the back of the lock plug. When the pins would jump inside of the cylinder, the plug would be able to slide out freely, thus enabling the locksmith to disassemble the lock quickly. [http://www.engadget.com/2006/08/24/the-lockdown-locked-but-not-secure-part-i/ The Lockdown: Locked, but not secure (Part I)] . Marc Weber Tobias; August 24, 2006] The use of a bump key was not introduced until some time later and was first recognized as a potential security issue around 2002–2003 by Klaus Noch who brought it to the attention of the German media. [http://www.toool.nl/index-eng.php TOOOL] (
The Open Organization Of Lockpickers ) website, retrieved February 12, 2007.] After further examination of the procedure, awhite paper was drafted in 2005 by Barry Wels &Rop Gonggrijp ofThe Open Organization Of Lockpickers (TOOOL) detailing the method and its applicability. [http://www.toool.nl/bumping.pdf White paper] (pdf) on lock bumping by TOOOL. Retrieved February 12, 2007.] A patent exists for a lock device following the same principle as the bump key from 1926–1928. [http://img525.imageshack.us/img525/2736/bumpkeypatentpg1gk9.jpg]The technique then attracted more popular attention in 2005 when a Dutch television show, Nova, broadcast a story about the method. [http://www.toool.nl/bumpkey-alert.wmv Video] (wmv) of the Nova broadcast (with English subtitles). Retrieved February 12, 2007.] After the method received further publicity from TOOOL presentations at security conference talks, members of TOOOL and a Dutch consumer group, Dutch Consumentenbond, analyzed the capability of the method on 70 different lock models and with trained and untrained users in a 2006 study. [http://www.toool.nl/consumer-reports-nl.pdf Dutch Consumentenbond report] (pdf) on bumping locks (translated to English). Retrieved February 12, 2007.]
At the same time,
Marc Tobias , an American security expert, began to talk publicly in the United States about the technique and its potential security threats. In 2006, he released two further white papers regarding the technique and its potential legal ramifications. [http://www.engadget.com/videos/lockdown/bumping_040206.pdf A detailed technical analysis of bumping] (pdf) by Marc Weber Tobias. Retrieved February 12, 2007.] [http://www.engadget.com/videos/lockdown/bumping_legal_mwt.pdf Bumping of Locks: Legal issues in the United States] (pdf) by Marc Weber Tobias. Retrieved February 12, 2007.]Mechanics
A
pin tumbler lock is composed of a series of spring-loaded stacks called "pin stacks". Each pin stack is composed of two pins that are stacked on top of each other: the "key pin", which touches the key when it is inserted, and the "driver pin", which is spring driven. When the proper key is inserted into the lock, all of the key pins and driver pins align along the "shear line", allowing the cylinder to be turned. When no key or the wrong key is in the lock, the pin misalignment prevents the cylinder from being turned.When lock bumping, the key is initially placed one notch out along the keyway. Bumping the key inward forces it deeper into the keyway. The specially designed teeth of the bump key jiggle all of the pins in the lock. The key pins transmit this force to the driver pins. Because the pin movements are highly elastic, the driver pins separate from the key pins for a split second and are then pushed back by the spring. Even though this separation only lasts a split second, if a light force is applied to the key, the cylinder can be turned and the lock can be opened.
Countermeasures
Lock designs
High-quality locks may be more vulnerable to bumping unless they employ specific countermeasures. More precise manufacturing tolerances within the cylinder make bumping easier because the pins move more freely and smoothly. Locks made of hardened steel are more vulnerable because they are less prone to damage during the bumping process that might cause a cheaper lock to jam.
Locks having security pins (spool or mushroom pins, etc.)—even when combined with a regular tumbler mechanism—generally make bumping somewhat more difficult but not impossible. Electronic locks, magnetic locks, and locks using rotating disks are not vulnerable to this attack.
Because a bump key must have the same blank profile as the lock it is made to open, restricted or registered key profiles are much safer from bumping, since the correct key blanks cannot legally be obtained without permission or registration with relevant locksmith associations. While this would make it harder to obtain key blanks, regular keys can be filed down to act as bumpkeys.
Locks that have trap pins that engage when a pin does not support them will jam a lock's cylinder. Another countermeasure is "shallow drilling", in which one or more of the pin stacks is drilled slightly shallower than the others. If an attempt were made on a lock that has shallow drilled pin stacks, the bump key will be unable to bump the shallow drilled pins because they are too high for the bump key to engage.
Lock brands
Locks made by
ABLOY , KABA,EVVA ,Medeco ,Schlage ,Kwikset [ [http://kwikset.custhelp.com/cgi-bin/kwikset.cfg/php/enduser/std_adp.php?p_faqid=821&p_created=1170713124&p_sid=pekeM4Qi&p_accessibility=0&p_redirect=&p_lva=&p_sp=cF9zcmNoPTEmcF9zb3J0X2J5PSZwX2dyaWRzb3J0PSZwX3Jvd19jbnQ9MTgyLDE4MiZwX3Byb2RzPTAmcF9jYXRzPTAmcF9wdj0mcF9jdj0mcF9wYWdlPTEmcF9zZWFyY2hfdGV4dD1sb2NrIGJ1bXBpbmc*&p_li=&p_topview=1 Kwikset online] ] and other manufacturers such asBiLock [ [http://www.bilock.com/bump.htm Distribution, Security Locks, Security Keys, BiLock, BiLock Locks, Extreme Security ] ] are advertised to be bump proof.ABLOY usesdisc tumbler lock ing mechanism that cannot be bumped. Kwikset offers a new technology called SmartKey [ [http://www.kwikset.com/smartkey Kwikset SmartKey] ] that eliminates the shear line in traditionalpin tumbler lock s and provides advanced protection. KABA experT cylinders consist of 4 rows of pins using a total of 22 pin possibilities, therefore the bumping method cannot be used to gain entry. KABA pExtra is an inline system that is available with a magnetic pin to prevent the bumping method being used. However, key copiers are freely available for Kaba ExperT keys [ [http://www.kabaaustralia.com/lock_bumping.htm Lock Bumping ] ]Medeco andSchlage Primus locks are advertised as unbumpable due to sidebars that must be aligned to a specific depth to enable pin movement and pins chiseled at angles to further thwart bumping. [ [http://www.medeco.com/about/whats_new/pr/bump.html About Medeco - MEDECO - Combating the Bump Key ] ] [ [http://www.mul-t-lockusa.com/newsdetails.asp?newsid=51 Mul-T-Lock USA ] ] However there are also recent studies about how easy it is to bypass this sidebars feature. [ [http://www.thesidebar.org/insecurity/?p=96 In.Security Home » The Medeco m3 Deadbolt Design: How Secure is it? ] ]Master Lock also makes a line of bump resistant locks, using so-called "bump stop security". [ [http://www.bumpstopsecurity.com/ml-bumpstop-cylinder-tech.shtml Master Lock Bump Stop Security] ]ABLOY Protec employs a mechanism totally different than pin tumbler cylinders which renders it secure against bumping. [http://www.toool.nl/abloypart3.pdf] Authorized key copiers for these locks exist only on behalf of Abloy.Other countermeasures
Pickbuster [ [http://www.pickbuster.co.uk Pickbuster - Stop Cylinder Bumping Now ] ] is an aftermarket lock bumping countermeasure in the form of a liquid gel which fills the cylinder serving to dampen the kinetic energy of the bump attack and prevent the key pin separating from the driver pin. This solution has recently been tested by ERA with positive results, and is undergoing extended testing by the
Institute of Certified Locksmiths . However, this solution is thought by many to attract dust and grit, resulting in a jammed lock.Legal status
In the United States, bump keys fall into the category of "burglary tool" in most states, although only California specifically lists bump keys in their
Penal Code . The burglary tool designation requires that a police officer prove both possession and intent to use the tool in a burglary for a successful misdemeanor conviction. In California,Governor Arnold Schwarzenegger signed a bill (SB 1554) by State SenatorRobert Dutton which specifically added the bump key to the Penal Code. [ [http://www.legisweb.com/calm/model/Retrieve.asp?ref=urn:calm:2007:sb1554:doc LegisWeb Senate Bill No. 1554] ] In Delaware,Delaware General Assembly RepresentativeJ. Benjamin Ewing has introduced a bill (HB 396) that defines a bump key as a burglary tool. [ [http://www.delregs.state.de.us/LIS/lis144.nsf/vwLegislation/HB+396?Opendocument House Bill No. 396] ]References
External links
* http://www.lockbumping.org - Public Service Site About Lock Bumping.
* http://www.youtube.com/watch?v=hr23tpWX8lM - A US television news station demonstration of lock bumping.
* http://www.youtube.com/watch?v=pwTVBWCijEQ - Video demonstrating the making of a bump key.
Wikimedia Foundation. 2010.
