Mechanical Lock Threat Models

High Security Locks Lock Threat Models

In a continuation my suite on threat modeling, this post will discuss lock threat models.  There are many high security locks that are intended to address the vulnerabilities of the standard pin-tumbler mechanism.  There is also a spectrum between bargain-basement hardware and expensive high-security locksets.  I understand that security doesn’t exist in a vacuum: though it would probably be a more secure world if everyone had a high security lock, it would also be a very expensive one.  Deciding on the right lock for your needs should be informed by a threat model.  For the purposes of this article I will assume that use cases are limited to residences and small businesses.  Choosing locks for large institutions require consideration of factors outside the scope of this post. This post also assumes that you have a deadbolt installed on all of your exterior doors.  Knob- and lever-sets alone do not provide adequate security, even for residential applications.  Finally, this post assumes that the deadbolts on all your doors are of the same level of security.  Using a high security lock on the front door does little good if your backdoor isn’t protected to the same standard.

Locking Hardware Security Standards

Before we delve into lock threat models, it would be worthwhile to discuss the various gradations of locks on the market.  Wide variation exists in quality of locks. There are two major standards that are strongly indicative of the quality of a lock and the security it provides.

Lock Threat Models Secure Your Physical Perimeter
The UL-Listed high-security lock and the alarm system can serve as both deterring and delaying security measures.

ANSI/BHMA 156.2-2003:  The American National Standards Institute and Building Hardware Manufacturer’s Association tests five factors when assessing a lock.  This standard a locks ability to withstand vertical load, torque, deadbolt and strike impact, latch bolt strength, and operation cycles.  These all pertain to a lock’s ability to withstand forced entry methodology.  Forced entry resistance is a concern for all lock threat models.  An excellent summary of the ANSI/BHMA standard is provided in this article.  Depending a lock’s performance it will be assigned a grade: Grade 1, Grade 2, or Grade 3.  These grades can be described succinctly as follows:

  • Grade 3: Meets the ANSI/BHMA absolute minimum acceptable quality for residential door locks.  Locks in this Grade are comprise the majority of locks available at big-box hardware or department stores.  They generally range in price from $10 to $20 and because they are so inexpensive, are often used by building contractors.  These locksets are completely unacceptable, in my opinion and provide no real security.
  • Grade 2:  This is a massive upgrade over Grade 3, and is considered a “heavy residential” or light commercial lock.  Locks in Grade 2 are acceptable for residential use, in my opinion.  Grade 2 deadbolts generally range from $35 to $50, but can still be found for under $20.
  • Grade 1: Grade 1 offers the best security.  Locks in Grade 1 can withstand substantially more abuse than those in Grade 1 or 2, and are much higher in quality. Grade 1 locks are also generally more expensive.  Grade 1 deadbolts usually range from $45 up to $100 or more, though some are available for as little as $30.

UL-437:  The UL-437 standard is much more rigorous.  UL-437 addresses forced entry methodology, but of a more sophisticated style.  Rather than the simplistic (but incredibly important) hammering and kick-in tests of ANSI/BHMA 156.2-2003, UL-437 allows the use of “portable or electric hand tools, drills, saw blades, puller mechanisms…”.  To meet this standard locks must withstand five minutes of each of the following: forcing, drilling, sawing, prying, pulling, and punching.  Additionally, UL-437 also addresses covert entry methodology.  Locks meeting UL-437 must deter unauthorized opening by bypass, lockpicking (10 minutes) and impressioning (10 minutes).  The UL-437 standard is as notable for the things it doesn’t test as the ones it does.  UL-437 does not assess resistance to a number of other techniques like key bumping.

The major takaway here is that all true high security locks will meet the UL-437 standard, but not all locks meeting this standard are what I would call “high security”.  However, most locks meeting the UL-437 standard will also meet the ANSI/BHMA standard, essentially making it a “Grade 0” lock.

Creating Your Lock Threat Models

While in a perfect world, everyone would have a “Grade 0” (again, my term – not an actual grade) lock, this isn’t realistic.  Deadbolts in this category range in price from +/- $150 to $350 depending on make, model, and options.  Securing three or four doors with these locks is a costly proposition.  While perhaps desirable, is a Grade 0 lock truly necessary for every individual?  I contend that it is not.  The following lock threat models should be a guide when selecting locks for your home or office.  Also note that profile elevation is not much of a concern here.  Very few (if any) will notice the locks on your door, regardless of what they are.  If they intentionally look at your locks, then your profile is probably already elevated.  Use the following lock threat models to determine which locks you should be considering.

Grade 3: Those who cannot afford a higher-graded lock.

Grade 2: This should be the minimum standard for any homeowner.  Locks in Grade 2 should be considered over Grade 3 because forced entry is a concern for everyone.  Locks in this category offer very little protection from covert entry techniques like lockpicking, key bumping, and the like.

Grade 1:  Grade 1 locks are ideal for the average home owner.  Grade 1 locks have substantially more forced entry resistance and almost universally have six pins.  The sixth pin makes picking much more difficult than a Grade 2 or 3 lock with only five pins.  A Grade 1 deadbolt would be a substantial upgrade over the much more commonly installed Grade 3 locks and should be considered by most homeowners.  However, Grade 1 locks that are not truly “high security” should not be considered secure from covert entry.

Grade 0:  Locks in this category should be employed by anyone who can afford them, and/or by individuals who have realistic concerns about covert entry and maintaining key control. Grade 0 locks should also be considered in cases where property (i.e. vacation home) is left unattended for extended periods of time.

Locks in Grade 0 meet typically Grade 1 standards for forced entry resistance (I have seen high security cylinders sold in Grade 2 hardware).  Locks in this category are also generally secure against covert methods of entry.  A major benefit to these locks is key control.  High security locks use novel mechanisms, and have novel keys to activate these mechanisms.  Such keys are hard to aquire blanks for, and hard to cut properly if blanks are acquired.  Such blanks are also typically patent protected to prevent aftermarket sales.  This means you can give a key to your general contractor, babysitter, dog-walker, etc.  When you collect the key at the end of the individual’s service period you can be confident it has not been duplicated.

These lock threat models are only a guide.  I believe everyone should own the best lock he or she can afford.  In an upcoming post I will make some specific recommendations for deadbolts in Grades 0, 1, and 2.  Stay tuned!

If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.

Leave a Reply