Lock bumping

From Wikipedia, the free encyclopedia

Lock bumping is a lock picking technique for opening a pin tumbler lock using a specially-crafted bump key. One bump key will work for all locks of the same type.

Contents 1 History 2 Technique 2.1 Mechanics 3 Countermeasures 4 References 5 External links

[edit] History

In the 1970s, locksmiths in Denmark shared a technique for knocking on a lock cylinder while applying slight pressure to the back of the lock plug. When the pins would jump inside of the cylinder, the plug would be able to slide out freely and disassemble the lock quickly.^[1] The use of a bump key was not introduced until some time later and was first recognized as a potential security issue around 2002-2003 by Klaus Noch who brought it to the attention of the German media.^[2] After further examination of the procedure, a white paper was drafted in 2005 by Barry Wels & Rop Gonggrijp of The Open Organization Of Lockpickers (TOOOL) detailing the method and its applicability.^[3]

The technique then attracted more popular attention in 2005 when a Dutch television show, Nova, broadcast a story about the method.^[4] After the method received further publicity from TOOOL presentations at security conference talks, members of TOOOL and a Dutch consumer group, Dutch Consumentenbond, analyzed the capability of the method on 70 different lock models and with trained and untrained users in a 2006 study.^[5]

At the same time, Marc Weber Tobias, an American security expert, began to talk publicly in the United States about the technique and its potential security threats. In 2006, he released two further white papers regarding the technique and its potential legal ramifications.^[6][7]

[edit] Technique

A bump key is made by filing down a key blank (or another key made for the targeted type of lock) to the lowest level in each groove. Slight elevations are left between the grooves--if these are too steep, the key will not enter or leave the lock. The tip and shoulder of the key must also be filed down by approximately 1 millimeter. (The shoulder is that part of the key which touches the outer portion of the lock when the key is fully inserted.)

The technique involves inserting the bump key into the lock and tapping the key one or more times with a mallet or similar device, while applying a slight turning force (torque) to the key. In some cases, a tap with a finger is all you need. After a little bit of practice, this will open the lock. The skill level required to bump a lock is minuscule compared to other lock picking techniques; bumping is a feasible method for compromising locks by just about anyone.

[edit] Mechanics

A lock is composed of a series of spring-loaded stacks called pin stacks. Each pin stack is composed of two pins that are stacked on top of each other: the key pin is the pin that touches the key when it is inserted and the driver pin is the pin that is spring driven. When the actual key of the lock is inserted, all of the key pins and driver pins align, allowing the cylinder to be turned. When no key or the wrong key is in the lock, the pin misalignment prevents the cylinder from being turned.

When lock bumping, the key is initially placed one notch out along the keyway. Bumping the key inward forces it deeper into the keyway. The specially designed teeth of the bump key jiggle all of the pins in the lock. The key pins transmit this force to the driver pins. Because the pin movements are highly elastic, the driver pins separate from the key pins for a split second and are then pushed back by the spring. Even though this separation only lasts a split second, if a light force is applied to the key, the cylinder can be turned and the lock can be opened.

[edit] Countermeasures

Ironically, more precise manufacturing tolerances within the cylinder make bumping easier as the pins move more freely and smoothly. Also, more expensive locks made of hardened steel are actually more vulnerable because they are less prone to damage during the bumping process which might cause a cheaper lock to jam.

Locks having security pins (spool or mushroom pins, etc.)—even when combined with a regular tumbler mechanism—generally make bumping somewhat more difficult, but not impossible.

Electronic locks, magnetic locks, and locks using rotating disks are not vulnerable to this attack.

Because a bump key must have the same blank profile as the lock it is made to open, restricted or registered key profiles are much safer from bumping, as the correct keyblanks cannot legally be obtained without permission and/or registration with relevant locksmiths' associations.

Locks made by Medeco, Mul-T-Lock (sister companies), Schlage, and other manufacturers are advertised to be bump proof. Medeco and Schlage Primus locks are advertised as unbumpable due to sidebars that must be aligned to a specific depth to enable pin movement and pins chiseled at angles to further thwart bumping.^[8][9]

Locks that have trap pins which engage when a pin does not support it will jam a lock's cylinder. Another countermeasure is shallow drilling, in which one or more of the pin stacks is drilled slightly less deep than the others. If an attempt were made on a lock that has shallow drilled pin stacks the bump key will be unable to bump the shallow drilled pins as they are too high for the bump key to engage.

[edit] References

1. ^ The Lockdown: Locked, but not secure (Part I). Marc Weber Tobias; August 24, 2006.
2. ^ TOOOL (The Open Organization Of Lockpickers) website, retrieved February 12, 2007.
3. ^ White paper (pdf) on lock bumping by TOOOL. Retrieved February 12, 2007.
4. ^ Video (wmv) of the Nova broadcast (with English subtitles). Retrieved February 12, 2007.
5. ^ Dutch Consumentenbond report (pdf) on bumping locks (translated to English). Retrieved February 12, 2007.
6. ^ A detailed technical analysis of bumping (pdf) by Marc Weber Tobias. Retrieved February 12, 2007.
7. ^ Bumping of Locks: Legal issues in the United States (pdf) by Marc Weber Tobias. Retrieved February 12, 2007.
8. ^ http://www.medeco.com/about/whats_new/pr/bump.html
9. ^ http://www.mul-t-lockusa.com/newsdetails.asp?newsid=51

[edit] External links

• Bump Key HOWTO - Google Video describing how to create and use a bump key, by Tyler Larson
• Modification instructions on how to create a "Minimal Movement" bump key from a 999 key, by John Davenport
• A US television news station demonstration of lock bumping
• Additional Bump Key information, including an very old 1928 patent for a bump key
• www.bump-j.com This page contains a demonstration video, written instructions on the use of bump keys, and a document that provides factory depth specs and printable templates to make bump keys.