Google Auth Safe/Vault

mrfrase3 · October 14, 2015, 4:13am

Heyo

~if you want to skip straight to the question, go to the pink bit~

Recently I made the tough move to actually secure my passwords and accounts after years of not bothering and using the same "secure" password for everything. In the process of doing so, I downloaded the google Authenticator app for my phone to secure my accounts with 2 factor. If you haven't heard of it before, basically it generates a new random 6 or 8 digit code every 30 seconds, like the bank fobs.

So I had the thought of hey, why not implement this on a safe? Having a pass code that changes every 30 seconds would be cool and secure to keep my cookies nice and safe. So I went out and bought a $20 safe second hand from gumtree and pulled it apart. The circuitry is surprisingly simple, it uses a standard keypad with 7 pins connected to a cheap circuit board which is connected to a solenoid that moves a pin, allowing the safe to be opened, all powered by 4 AA batteries. The circuit board can be scrapped and replaced with an arduino board.

So, to break this project into it's basic components, we need to cover:

Powering the solenoid - Transistor, done
receiving keypad input - keypad is compatible with the keypad library
checking the entered code with a code thats generated - this is the tricky bit
no external wires or anything leading into the safe - i.e. battery powered, even trickier

The battery power is not a huge issue, as its already been done for long term use, but it's an important factor.

The passcodes need to be TOTP (Timed One Time Passwords) where the time int from 1970 is used with a security key to make the code. This is opposed to OTP which are generated on demand, requiring both devices (phone and safe) to have the passcodes sequenced together which if one gets out of sequence, my cookies are locked away forever.

Thankfully, Lucadentella has already written a library for generating Google Auth TOTP passcodes for his lego house's security system. The only problem is that it requires an accurate time integer, luca unfortunately did this by hard coding the compile time and calculating the time passed since then. This is A. bad practice and B. reliant on arduino's internal clock that can apparently be inaccurate over the long term.

So this is the part that I am stuck at. I need a method of getting the 1970 time integer which doesn't use a wired external source (so not over Ethernet or USB) and is very low powered over the long term (not Wifi?). I know GPS would be a good method, but im not sure it will work inside a metal box, inside a building. There's also more accurate clock modules, but Im clueless when it comes to those...

Any advice would be appreciated.

DVDdoug · October 14, 2015, 5:07am

If this is for fun, OK...

But, I trust a good 'ol mechanical combination lock more than an electronic lock. A key or combination lock can last for years-and-years, and it doesn't need batteries or external power. My parents had a safe that originally belonged to my grandparents and It was probably at least 75 years old. I'm pretty sure your setup that relies on your smart phone & Internet won't work 10 or 20 years from now. Electronics can last a long time, but sometimes it doesn't, and technology changes so anything that's not stand-alone can stop working at any time with no warning.

I don't see the big advantage to a constantly-changing combination or password. If someone wants to break into the safe, they usually break in with drills, hammers, and saws, etc.

mikb55 · October 14, 2015, 5:33am

Acoustics - transfer the clock data from the outside to the inside using an ultrasonic piezo speaker/sensor in contact with the metalwork. The outside one can run continuously.
The inside one only needs to wake up for a few seconds once per day.

mrfrase3 · October 14, 2015, 9:31am

DVDdoug:
If this is for fun, OK...
...
I don't see the big advantage to a constantly-changing combination or password. If someone wants to break into the safe, they usually break in with drills, hammers, and saws, etc.

This is more of a fun proof of concept, it could scale in different ways, and if one were serious they could buy a better safe that is resistant to such tampering or even integrate it into the wall so it's harder to crack.

I don't even have anything to put in the safe.

mikb55:
Acoustics - transfer the clock data from the outside to the inside using an ultrasonic piezo speaker/sensor in contact with the metalwork. The outside one can run continuously.
The inside one only needs to wake up for a few seconds once per day.

very creative, but let's say it was integrated into a wall, and then the old radiator starts shaking a little, or some other appliance is oscillating, interfering with the vibrations... also, that's a little out of my scope

The safe shouldn't have to rely on something external that's out of the ordinary.

Topic		Replies	Views
Combination code safe with daily access Programming	6	629	July 13, 2022
TOTP: Secret / Arduino HEX Array / Base32 Programming	7	1955	September 12, 2022
A matrix lock that works with an authenticator General Guidance	13	443	February 18, 2023
Two-factor authentication key fob General Guidance	35	12373	May 5, 2021
Timed Cash Safe General Guidance	4	1022	May 5, 2021

Google Auth Safe/Vault

Related topics