Here's what I see needs to be done right now:
1) Identify choices for the overall system architecture Each choice should tell us at a minimum
- what kind of key cards do we need?
- what kind of physical lock do we need?
- what back end hardware do we need to issue new cards, revoke old ones, and do logging?
The choices so far:
- A) das Labor's AnonAccess system
- B) Something that uses DESFire cards from NXP (formerly Philips)
- C) Something that uses IBM's Caernarvon system, as mentioned for example here:
- D) iButton locks - while the basic iButton is roughly like a prox card, there are NVRAM iButtons that could be used with an AnonAccess system.
2) Find suppliers, prices for each choice
- For example, the code for the AnonAccess backend is in a public SVN repository, can be browsed here:
- This is a site that sells several types of smart cards, including the DESFire cards:
- I've seen that some knowledgeable Dutch hackers use a 'Salto' DESFire system rather than a mechanical lock.
The key point of uncertainty for me is the actual door lock assembly. What exactly do we need here, and how do we install it into the actual door? What does the lock cost?
For example, this data sheet specifically mentions DESFire compatibility, but it does not state a price. We need someone to call these people up and find out the price, figure out if it can fit on our current door, etc. http://www.saltosystems.com/index.php?option=com_content&task=view&id=45&Itemid=44
What you can do:
- Contact the das Labor people and ask them who their suppliers are. We would probably be happy just copying their setup outright. Also ask about their door lock setup.
- Contact the people with the data sheet above and find out if that lock will work with our door and how much it costs. If it doesn't work, find out if they have a lock that works.
- Find out what back end software we need or special equipment we need if we go the DESFire route.
- I have contacted Paul Karger at IBM to ask about Caernarvon. If you happen to find a supplier that can work with us on that option, that'd be cool too.
Physical cylinders and other lock mechanisms
- The Brute is a popular magnetic lock using in high security settings. It can be purchased for around $390 .
- iButton reader plus lock. Default firmware appears to use the iButton as just a prox card, though. http://www.ibuttonlock.com/product/e3-rf.htm
- Electric strikes and electric locks. Card reader not included. http://www.nokey.com/elstrikandma.html
We probably want to have more than one locking mechanism to ensure that it's hard to break down the door.
It seems reasonable that if we use an access card system that we make ourselves, we should consider adding a secondary authentication step using a PIN. This would be a nice addition to AnonAccess (but perhaps they've already considered it). We should consider acquiring a pin pad with several specific properties. One of the important properties is the ability to withstand the possibly harsh street weather (read: people messing with the door lock system). Another would be to prevent shoulder surfing of pin entry codes. It would be nice if we could find a pin entry system that had a fixed key pad but where the keys changed their meaning at each run. In such a system, rather than a simple 1-9 on a key pad, the 1-9 key space would shuffle the numbers around. The Schlage Model SERIII Scramble Keypad seems like it would do the job just perfectly. The Hirsch ScramblePad (pdf) also includes a proxcard reader.
We should ensure that we have a strike plate on the outside of the door. It should be laser or watercut 3 or 4mm sheet steel of high quality.
The CCC Lock
Some people in the CCC are creating an open source lock ( code can be found on their svn system ). It's based on the burgwächter TSE3000 cylinder, externally driven by their own custom electronics. It uses the Sputnik air interface for a simple crypto protocol. Hopefully the lock is in a state where we can replicate it in the near future.