Random tangent: I recently had two copies of a key made, and noticed that the guy at the duplicating machine was able to remove the original after "scanning" it to make the first copy. Seems obvious in retrospect, but I hadn't realized that nowadays those machines had memory like photocopiers, instead of just being purely mechanical.
With that in mind, seems like it should be possible for someone to scan a key, save the pattern, and be able to use it later on to cut new keys on-demand. Does a service like this exist?
The mechanical copiers have never been the best way to copy a key.
Each key manufacturer has a fixed set of depths to cut each position on the key at, which you can represent as a single digit. Combined for the whole key and you can talk about the data encoded into the piece of metal as a string of digits.
Telling you my apartment key is a kwikset KW1 with bitting 64265 is enough to cut a new key.
This is possible with the RFID transponders used in ignition keys by most carmakers. However, BMW had the foresight to prevent this.
Maybe the downmarket carmakers have gotten smarter, but for a long time BMW stood out as the one that did not permit simple duplication of the data in the RFID transponders (each transponder has its data changed every time it is used.)
As far as mechanical key bittings go, any locksmith should be able to clone a key with a photograph of it.
I was puzzled by this too, and surprised at how simple it was. Remember during the 90's we had ISO7816 cards that were a lot more difficult to attack (for instance, payphone cards permuted a challenge from the phone with a shared secret and a secret algorithm, and additionally had some good anti-reading protection, and an irreversible counter)
As far as I know all the technology able to fit in a 7816 card has been put into contactless cards too.
I think that carmakers are lazy, they go to a vendor who designs a system with off the shelf parts and implements it poorly, and we end up with our $30,000 car secured by a PCF7930 or something weaker and if it has security features they are not fully utilized.
I think they also have to design these things within the constraints of being able to service them in the field and not upsetting the customer. Vendor doesn't want to be responsible for a bunch of cars not working if reliability is low, and carmakers wouldn't want the bad press. On the other hand, when criminal activity is involved, it's real easy to blame the criminal.
Depends on where you live. Here in Sweden it is common with doors with locks which are both impossible to bump and hard to pick. Our insurance companies require them.
>Even if I had a printer I'd need some fancy scanning equipment to figure out how to make the key.
Keys have been reproduced from a single photo before. It seems to always involve someone who has experience making keys using the photo to reproduce the key, but in theory software could be able to automate this for the easier cases.
If I have a key or picture of a key, yes. If I have access to just the lock, I can't figure out how to do this without some odd equipment. And if the 3d printer + just the lock can't do something new, then how do 3d printers make traditional locks obsolete?
In the US, the details vary by state but in general you don't need any kind of license to possess or use lockpicks (except in Tennessee): http://toool.us/laws.html
Even if I had a printer I'd need some fancy scanning equipment to figure out how to make the key.