I recently read this Wired article about a diamond heist that took place a few years ago. It’s a good read; I suggest you check it out.
Anyway, the article gives an excellent description of each of the security measures that the vault’s owners put in place, as well as the methods that the crooks used to circumvent each measure. While reading, I continually marvelled at the ingenuity with which the thieves circumvented each system, which is, I suppose, the point of the article, and why it makes such great reading for geeks like myself. At the same time, I couldn’t help but feel a little uneasy about the approach taken by the owners of the building to secure their vault. It seemed like a shotgun approach: take one of every kind of sensor and locking mechanism available and stick it in there somewhere, and then keep the final resulting system secret, to make it more difficult for thieves to figure out which circumvention methods would be necessary to breach the vault.
In the realm of computers, there is a name for this strategy: security through obscurity. That got me thinking: is there a better way to secure physical property? I think that at this point, most knowledgeable computer people have given up on security through obscurity, and now recognize the importance of proper security. But physical security is a very different beast than computer security, isn’t it? I mean, if the current state of the art in vault-making is just security through obscurity, then what would proper security look like?
One of the primary principles of computer security is that it is open. Nothing is hidden or secret about encryption algorithms. The only secret is the secret key that a particular person uses to encrypt their data. As long as an attacker doesn’t know that secret key, their knowledge about the rest of the encryption algorithm doesn’t help them a bit. Would it be possible to do the same thing with a vault? Could you make a vault whose blueprints were completely open and available to anyone, but that was still secure, as long as the combination was unknown?
I thought about this question for a while, and it seemed to me that it should be possible, but no answer was forthcoming. The central problem is this: you can keep the control system for opening and closing the vault inside the vault itself, to protect it from tampering, but you still need some way to communicate with the control system in order to cause it to open the vault’s door. For example, if the control system inside the vault will only open the door for a particular numeric code, then you would need some kind of keypad on the outside of the vault, so that the vault’s owner could enter the code when they wished to enter. Then you would need some kind of connection between the keypad and the control system. The most obvious communication channel would be a simple wire, but then you would need to drill a hole through the vault’s outer wall for the wire to pass through. This hole then becomes a vulnerability. The attackers could rip off the keypad, pull out the wire and then snake a little endoscope-like robot through the hole to monkey with the control system directly. There are little additions that could be made to this system, but none that fully remove the vulnerability. If you make the hole through the vault wavy rather than straight, for example, then the little robot would have more difficulty snaking through, but a more flexible version of the robot could be built. Measures could be adopted to prevent the keypad from being ripped off, but they could all be circumvented by opening and hacking the keypad itself, which the attackers would have relatively easy access to.
If the vault’s walls were constructed of metal thick enough to withstand many hours of drilling, then it probably wouldn’t be possible to use any kind of wireless radio signal to communicate with the control system either. This was the thought that finally led me to the answer that I was looking for. If the vault’s walls were made of metal, then perhaps the walls themselves could conduct electricity well enough to allow a signal to be transmitted through.
Imagine this: a vault cast as a single piece of hardened metal, with walls several feet thick, able to withstand three days of non-stop drilling. The vault’s single opening would be protected by a door of the same thickness as the rest of the vault. The hinges for the door would attach on the inside of the vault. From the outside, the vault might appear as though it is just a solid block of metal, with only the thinnest seam visible where the door joins the rest of the structure. Also inside the vault would be the computer control system, perhaps powered by a radioisotope battery. The computer would have paddles touching the outer wall that would be able to detect if the wall was conducting an electrical charge. If the computer detected the right pattern of on-off charges (communicating the secret key in binary), then it would open the door. To open the vault, the owner would roll some device up to the side of the vault, pressing paddles up against the vault’s walls. They would then enter their code, by a keypad or some other means, and it would be transmitted through the vault’s walls to the control system.
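A sketch of the control logic described above, added here as an illustration and not part of the original post: the controller decodes on-off paddle readings into bits and opens only for the exact key, with everything except the key public. The sampling rate, threshold, guess limit and all names (`encode`, `decode`, `VaultController`) are assumptions.

```python
import hmac

SAMPLES_PER_BIT = 4   # assumption: paddles are read 4 times per bit period
THRESHOLD = 0.5       # assumption: normalised reading above this means "charged"

def encode(key):
    """Owner's device: constructed paddle readings for each bit of the key."""
    bits = [(byte >> shift) & 1 for byte in key for shift in range(7, -1, -1)]
    return [0.9 if b else 0.1 for b in bits for _ in range(SAMPLES_PER_BIT)]

def decode(samples):
    """Controller side: majority vote per bit period, then pack bits into bytes."""
    if not samples or len(samples) % (SAMPLES_PER_BIT * 8):
        raise ValueError("not a whole number of bytes")
    bits = []
    for i in range(0, len(samples), SAMPLES_PER_BIT):
        high = sum(s > THRESHOLD for s in samples[i:i + SAMPLES_PER_BIT])
        if high * 2 == SAMPLES_PER_BIT:
            raise ValueError("ambiguous bit")  # a tie is rejected, never guessed
        bits.append(1 if high * 2 > SAMPLES_PER_BIT else 0)
    return bytes(
        sum(bit << (7 - n) for n, bit in enumerate(bits[i:i + 8]))
        for i in range(0, len(bits), 8)
    )

class VaultController:
    """Hypothetical controller: the code is public, only secret_key is hidden."""

    def __init__(self, secret_key, max_failures=3):
        self._key = secret_key
        self._max_failures = max_failures  # assumption: guess limit, not in the post
        self._failures = 0

    @property
    def locked_out(self):
        return self._failures >= self._max_failures

    def receive(self, samples):
        """Return True (open the door) only for the exact key pattern."""
        if self.locked_out:
            return False
        try:
            candidate = decode(samples)
        except ValueError:
            candidate = b""
        # Constant-time compare: response timing must not reveal matching bits.
        if hmac.compare_digest(candidate, self._key):
            self._failures = 0
            return True
        self._failures += 1
        return False
```

With the design public, the key length and the rate at which guesses can be submitted are what bound a guessing attack, which is why the sketch counts failed attempts.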
All that would remain would be the “brute-force” attack: drilling through the wall. Of course, there could still be some subtle vulnerability, but if the plans were published for review by the security community, that would definitely decrease the likelihood of such a thing. If nobody in the security community publishes an exploit for the vault over the course of, say, 50 years, then I think it would be safe to say that the chances of discovering a vulnerability in the next 50 years would be vanishingly small.
There are some possible problems with this. For instance, I don’t know how much electricity would be needed to generate a signal that could reach into the vault. Perhaps the owner would be risking electrocution every time they tried to open the door. Perhaps the vault would need to sit on insulated pillars, because of the electrical charges involved. I am not a vault designer (IANAVD), but it seems to me that something like this could be built.
Perhaps what I’m describing has already been invented, though a quick Google search didn’t turn up anything. If there’s anyone out there who knows anything about bank vaults and physical security, I’d love to hear what you think.