One of the hairier unintended consequences of cheap 3D printing is that any troublemaker can duplicate a key without setting foot in a hardware store. But clever lockpickers like Jos Weyers and Christian Holler already are taking that DIY key-making trick a step further: They can 3D print a slice of plastic or metal that opens even high-security locks in seconds, without even seeing the original key.
Weyers and Holler’s trick is to 3D print a bump key, which resembles a normal key but can open millions of locks with a carefully practiced rap on its head with a hammer. Using software they created called Photobump, the two engineers say it’s now possible to easily bump open a wide range of locks using keys based on photographs of the locks’ keyholes. And even without a high-quality 3D printer, those specialized bump keys can be mail-ordered from 3-D printing services like Shapeways or i.Materialise that have no restrictions on printing keys.
As a result, all anyone needs to open many locks previously considered “unbumpable” is a bit of software, a picture of the lock’s keyhole, and the keyhole’s depth, says Weyers, a competitive lockpicker and security consultant. “You don’t need much more to make a bump key,” Weyers told an audience at the Hackers On Planet Earth conference, where he first hinted at the key printing software last month. “Basically, if I can see your keyhole, there’s an app for that.”
Here’s a video of Holler using a 3D-printed bump key to open an Abus E20 lock.
Bumping isn’t a new trick. The technique traditionally has involved filing a key blank into a set of teeth that rest against each of the pins in a pin and tumbler lock. As shown in the illustration below, when the key is tapped with a mallet or hammer those teeth “bump” the pins like a pool cue hitting billiard balls: The bottom portions stay put, but the force is transferred to the top halves of the pins, which jump up a few millimeters. By applying a small amount of torque to the key, a skilled bumper can catch those jumping pins outside of the lock’s cylinder, allowing it to open.
Even so, bump keys have long been tough to create for high security locks that use obscure, complex key blanks. Many lock makers carefully trademark or patent their key blank designs and prevent them from being sold to anyone outside a small group of verified customers. But with the advent of 3D printing, those restrictions can’t stop lockpickers from 3D printing their own blanks and filing them into bump keys—or simply printing bump keys with their teeth already aligned with a lock’s pins. In this video, Holler demonstrates a 3D-printed and filed bump key for an Ikon SK6, a key that uses restricted, carefully contorted blanks that can’t even be created by many key-milling machines.
A photo of a keyhole alone isn’t quite enough to print one of Weyers’ or Holler’s bump keys. They also need information about the position of each pin in a target lock. But Holler says that information easily is found in widely available key-cutting software. Weyers says he can derive it even more easily by sticking any thin tool into the keyhole, feeling for the pins, and marking their depth to measure how deep in the lock’s cylinder the pins are located.
Those measurements and the key’s cross-sectional shape—derived from a photo—are fed into the Photobump desktop software to create a printable 3-D CAD model. Weyers’ technique, he says, wouldn’t even require knowing the lock’s make or model. “I’m working under the presumption I’m starting with zero knowledge of the lock,” says Weyers.
Weyers and Holler aren’t trying to teach thieves and spies a new trick for breaking into high-security facilities; instead, they want to warn lockmakers about the possibility of 3D printable bump keys so they might defend against it. Although Holler will discuss the technique at the Lockcon lockpicking conference in Sneek, the Netherlands, next month, he doesn’t plan to release the Photobump software publicly. He’s also working with police in his native Germany to analyze whether printed bump keys leave any forensic evidence behind.
Ultimately, the two lockpickers say they’re trying to show lock companies and their customers that 3-D printing has changed lockpicking in ways that may leave previously secure locks vulnerable. After all, many lock makers seem to rely on their keys’ restricted shapes—their “key profile”—as their sole defense against tricks like bumping. “It’s a kind of false sense of security,” says Holler. “If a protected profile is your only protection, you should be aware that’s no longer enough.
In a long statement, Ikon maker Assa Abloy argues 3D printing bump keys to its locks is an expensive, unreliable trick that doesn’t work on some locks whose keys have hidden or moving parts. “We view this as an interesting exercise, but not particularly representative of the real world of covert entry by criminals and burglars,” writes Joachim Gillert, a research and security director for the company. “Yes, you can open some locks, some of the time with bump keys, even made with hard plastic. But…the use of such keys depends on many variables and is not particularly reliable.”
Holler and Weyers counter that the printed bump key trick will only get easier, and that the cost is negligible. Holler printed his bump keys in high resolution nylon through Shapeways for less than 5 euros each. A Shapeways spokesperson says the company “doesn’t have any specific policies around printing keys or lock picking tools, but it is up to our users to responsibly comply with our overall guidelines.”
Weyers argues that instead of dismissing 3D printing or trying to keep their key profiles secret, lockmakers should produce more bump resistant locks with electronic elements or unprintable parts. “The sky isn’t falling, but the world changes and now people can make stuff,” says Weyers. “Lock manufacturers know how to make a lock bump-resistant. And they had better.” What do you think? Is 3D-Printed Bump Key a good idea or just scary?