Rhythmic Combo-lock

[MusashiAharon’s] dorm room door was practically begging to be hacked. There was already an electronic strike plate in place as well as junction boxes on the inside and out that were connected by conduit. Jumping on the bandwagon after seeing some other door lock hacks here, he built one that uses a rhythmic combination.

The control panel on the outside is a blank faceplate with two buttons and a status LED. Theses are wired to a jack and connected with a cable traveling through the conduit to a breadboard on the inside of the door. Seeing a large breadboard hanging on an outlet cover is a bit comical but it does the job. From there, a Teensy microcontroller waits for the code and if correct, actuates the strike plate via a relay.

The rhythmic nature of this lock reminds us of the knock-based system. One button signals the start and end of the code, the other is used to input the rhythmic sequence. This does seem a little more discreet and we’d imagine it’s quite hard to eavesdrop on the correct combination.

13 thoughts on “Rhythmic Combo-lock

    1. I hope to make one after the break is over, sometime next month. Sorry for the delay! Right after I finished the build, I was chased out of my dorm for the university to save power over the break, so I had to disassemble it again. I look forward to updating my instructable with the vid and more security enhancements.

  1. you mean he’s secured his residence by something anyone can read?

    seriously this and knock security are a terrible idea. first of all, eavesdropping is irrelevant because he’s either using the super mario bros intro or beethoven’s fifth and everyone carries those passwords around in their heads.

    moreover i’m sure there’re at least two good sigint techniques available to break it: use a sensitive microphone ANYWHERE along the same wall (vertically or horizontally – to calibrate it just walk up to the door and enter whatever and you’ll know exactly what the ‘start/stop’ and ‘code’ buttons ‘sound’ like from your listening device’s perch), or just sniff the certain gob of RF all those unshielded electronics ant protoboard make (incidentally, i understand it’s a huge transmitter antenna).

    unless i’m TOTALLY wrong about this, and in that case someone PLEASE correct me

    1. I like your comments! I think you are absolutely right that this system is vulnerable to the two attacks you mentioned. I hope to make these attacks more difficult by using my normal room key as often as possible instead (after all, this hack was intended as a backup system for when I accidentally lock my key in my room). If the cracker uses the sniffing methods you mentioned, at least he would have to filter through a few hundred hours’ worth of data first. And of course, the mechanical room key is not completely secure, either.

  2. Dan Fruzzetti, I am not sure, first as I posted he has no physical security on that plate, so the system itself is moot.

    I read some mention of a conduit connecting that box to an internal box, in which case there is just switches in the external box, which it might be possible to shield, I am unsure how much RF a button generates, although you could use tact switches at the back of the box and non-conductive dowels to push them.

    The statement on Morse code is interesting, you could have a questions that change and a light that signals which answer to give. How about the date or the hour; and/or a specific letter combo in the date or hour.

    Security is an approach based on many factors, and must be balanced against the probable attacks and how secure the physical location is. For all we know there is an accessible window.

    Who wants to gain access and how motivated are they?

    Since it is a push button, you could use a camera to watch the presses.

    I always like the idea of a keypad of colors or moving numbers and letters. You know what to enter but the buttons will be different or they will ask you the question.

    Another possibility is using half-polarized LCD touchscreen, you need to wear polarizing lenses to even see what it is you are pushing.

    If you wanted to get even crazier you could hide the switches on the knob and use a “chord” of multiple fingers to press them, perhaps while simulating key use.

    There are just so many options, I think it is an excellent hack, whatever its perceived deficiencies.

    1. Thanks for the comment! I think you are definitely right, too. Now that you mention it, the way I would crack my system is to install a datalogger inside the input box and physically wire the buttons to the datalogger. I would have the data logger wait in sleep mode until it detected input to save power. To counteract this strategy, I would have to secure the box (maybe by electrically testing for the removal of the screws and flashing an in-room tamper alarm LED) or by manually checking the box every now and then.

  3. I just thought of another one on the polarized screen, you could have the buttons shaded in different levels and based on an external factor known to you and the system (but not necessarily obvious at the location of the switch) you know which ones to press. Perhaps a colored light in the window outside only visible from a precise location (in a tube aimed at a corner of the walkway, only visible if you stoop, as if adjusting a shoelace.)

  4. Aack! Sorry for the vagueness in my posts – I should have noticed that the mobile site was still in beta. My Dec 22 reply was to Dan Fruzzetti; Dec 23, 12:23 AM was to nubie (Dec 22, 4:56 PM); Dec 23, 12:37 AM was to markii.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.