3

When explaining public key encryption, people commonly use the imagery of keys and padlocks. However, most padlocks have only one key (i.e. only one bitting), and work like this:

  • The padlock can be locked without any keys; and
  • The padlock can be unlocked only using the key.

Is there a class of padlocks that, instead, functions roughly like public key encryption does? That is, such that for each padlock, there are two keys, and:

  • The padlock can only be locked by using key 1; and
  • The padlock can only be unlocked by using key 2.

I don't require specific make or model recommendations. Nor do the padlocks need to be secure, as I would be using them as teaching aids: they could even be made of plastic, as long as they function as above.

My question: do such padlocks exist, and, if so, what is this class of padlocks called, so that I can look them up and evaluate the options available?

(The next best option I can think of would be to make a box with two doors, each with its own, differently-keyed lock: one "public" and one "private". However, this would weaken the analogy somewhat. Hence the question above.)

sampablokuper
  • 1,961
  • 1
  • 19
  • 33
  • 2
    usually the pubkey analogy is a small safe with another key inside. alice sends bob the empty safe (pubkey), bob put a key inside and sends it back to alice without knowing how to unlock the safe. – dandavis Sep 10 '16 at 17:32
  • 4
    Could you consider the padlock itself to be the public key? The bearer of the padlock can lock a case such that only the bearer of the corresponding key can open it. – bdsl Sep 10 '16 at 21:07
  • I've used the padlock-as-public key analogy before, and it made sense to my 9 year old daughter. If she could understand it, I'm sure the analogy would work for almost anyone. Complicating things with a special type of lock that is rarely seen would be counterproductive. – forest Apr 17 '18 at 09:46

2 Answers2

4

I don't think you're likely to find this in a padlock, but I've understood a disc detainer lock can be made so that a key of one bitting is needed to open the lock, and a different bitting to lock it.

In a disc-detainer lock, the key operates the discs when it turns (instead of when it's entered in the keyhole, as in pin-tumbler lock), so opposite sides of the key can have different bittings. Combine that with a cylinder lock that moves the deadbolt in one direction when turned clockwise, and in the other when turned counter-clockwise, and you get the possibility of open-only and lock-only keys.

Now, I've never seen such an asymmetric key in real life, but apparently they're called shopkeeper keys, and are (or have been) made at least in the Abloy Disklock and Protec systems. Disklock is an older system, and toool.nl has a document with all you'll likely want to know about it, including a mention of the shopkeeper function. A quick web search found Protec cutaway locks with that feature being sold, too.

The idea (and what the name refers to) is that you can leave a close-only key to an employee on evening shift, and the key can't be used to get in after they left. (Well, unless they forget to lock up.)

As for the public-key cryptosystem analogy, I'm not sure if a shopkeeper key like that makes sense. A public key is supposed to be known by everyone, so they can send you messages, but handing close-only keys to random guys on the street would quickly get some joker locking your doors. (With your employees being unable to open them...)

The analogy of a safe or strongbox that can be locked without a key and sent back to its owner seems to make more sense, if anything will. (Or perhaps a mailbox-like box with a slot you can drop messages in.)

RedGrittyBrick
  • 1,355
  • 8
  • 14
ilkkachu
  • 2,086
  • 1
  • 11
  • 15
  • "Shopkeeper key". Thank you! That Protec cutaway is lovely but very expensive. I'll look out to see if I can find something much more affordable. If not, then 3D printing a suitable demonstration lock and key-pair is potentially a viable option, albeit a bit time-consuming to get the designs right. Thanks again :) – sampablokuper Sep 11 '16 at 01:25
  • The shopkeeper key has the problem that the "public" key holder needs to access the lock in opened state and you can teardown all open locks. As such, you can inspect the parts and figure out the "secret" key. – Mikko Rantalainen Jun 19 '21 at 16:12
  • 1
    @MikkoRantalainen, well, if we're talking real-life shopkeeper keys, a close-only key might still be somewhat useful in that losing one wouldn't be as bad as losing a full key. And while an employee _could_ indeed disassemble the locks on the doors, that might be a bit risky since during opening hours customers might notice that being done. Leaving the door open to disassemble the locks during the night seems a bit complex, would still be thwarted by security cameras, and you could always just break the windows or swipe money from the till during your shift instead... – ilkkachu Jun 19 '21 at 18:06
  • Yes, I was talking about employee wanting the open key. After all, the only reason to use shopkeeper keys is if you don't trust your employees. If you trust them, there's no need to open vs close key. I agree that it's not without risks for the employee but it doesn't take that long to extract the lock from the door and they you can inspect the lock without customers watching behind your back. For example, with the Eurocylinder design, there's literally one screw to remove and you can just pull the lock out of the door with the correct key (when door is already open, open or close key is fine) – Mikko Rantalainen Jun 19 '21 at 21:17
3

I don't believe they do and I'm not sure how that would work. There really isn't a call for a padlock you have to lock with a key, it is more complex than it needs to be.

For other locks, I think the nearest you would get to are those that have a master key which is quite common. But even there, any of the keys will lock any of the locks. The master key can open multiple locks of course.

Julian Knight
  • 7,092
  • 17
  • 23
  • I should maybe have mentioned in the question that I had already considered the option of using master keyed locks. A private key is a bit like a master key in that it can, sort of, be used to encrypt as well as decrypt, by the roundabout route of using it to generate the public key and then using that to encrypt to the private key. But the trouble is that even with a master key setup, the slave key would still be able to open the lock. So I think that the mechanism I described above would work better as a teaching aid. – sampablokuper Sep 10 '16 at 16:44
  • The truth is that there really isn't a real-world equivalent to PKI, hence the Alice/Bob analogies. – Julian Knight Sep 10 '16 at 17:21
  • @sampablokuper: private keys cannot be used to encrypt (at least, not in any meaningful ways. though the math works out, and we do a kind-of encrypting-with-private-key when making signature) – Lie Ryan Apr 16 '18 at 23:19
  • @LieRyan I don't think that is quite true. In most cases, you can encrypt using either key and will have to decrypt using the other key. It may not make sense in many cases however. AFAIK, there is nothing magical about either key. Just that you HAVE to keep your private key private. – Julian Knight Apr 20 '18 at 08:48