Knock detecting lock (video and instructions) Options

[signal15]

http://hackaday.com/2009/11/04/knock-detecting-lock/

[sic0048]

That would be pretty cool for your child's tree fort! Not sure I would secure anything of value with that, but it certainly has a cool factor. Perhaps that means I am a geek.

[kmitchell]

I've used one of these [http://www.nokey.com/knocknoctoac.html] for years on my garage door as a backup for when my kids forget their ibutton keyfobs.

The only insecure part about is was when my son was younger he wanted to demo it to everyone and he'd count the code out loud!

Ken

[signal15]

I always thought it would be cool if someone designed a challenge-response algorithm that you could do in your head. As a simple example:

Keypad lock presents you with a 4-digit number, say 1304. This is the challenge. The user then calculates the response in his head according to a predetermined algorithm, which can be different for each person who has access. This is not a very secure example, but for the sake of simplicity:

- Your algorithm is "x mod 250" and only you know this (the result is the remainder of X divided by 250)
- Challenge is 1304
- You calculate this in your head
- You type in 0054 as the response

This way, you NEVER type in your real code, and it changes every time. If someone saw you enter in the code, or used fingerprint powder to derive the possible codes, they would be useless to the attacker. Of course, the actual algorithm would likely be different, but you get the idea. And, it has the bonus of keeping out stupid people.

This post has been edited by signal15: Nov 4 2009, 04:04 PM

[Jimmyjam]

- Your algorithm is "x mod 250" and only you know this (the result is the remainder of X divided by 250)
- Challenge is 1304
- You calculate this in your head
- You type in 0064 as the response

This way, you NEVER type in your real code, and it changes every time. If someone saw you enter in the code, or used fingerprint powder to derive the possible codes, they would be useless to the attacker. Of course, the actual algorithm would likely be different, but you get the idea. And, it has the bonus of keeping out stupid people.

you didn't calculate very well

[mustangcoupe]

that is geewiz cool

[signal15]

- Your algorithm is "x mod 250" and only you know this (the result is the remainder of X divided by 250)
- Challenge is 1304
- You calculate this in your head
- You type in 0064 as the response

This way, you NEVER type in your real code, and it changes every time. If someone saw you enter in the code, or used fingerprint powder to derive the possible codes, they would be useless to the attacker. Of course, the actual algorithm would likely be different, but you get the idea. And, it has the bonus of keeping out stupid people.

you didn't calculate very well

Hah! Fixed! Hmm, according to my comment, that would have kept me out and classified me as stupid people. :/

I figured out a couple of easier "algorithms" to use, which would work much better, plus a good method of identifying the user before they actually enter their response.

This post has been edited by signal15: Nov 4 2009, 04:09 PM