The keyless entry feature offered by many automakers puts thousands of cars at risk of electronic car-hacking, expert research has revealed.
According to the study, some keyless vehicles have a vulnerability which affects the Radio-Frequency Identification (RFID) transponder chip used in immobilizers.
The cryptography and authentication protocol used in the Megamos Crypto transponder, one of the most common immobilizer transponders, can be targeted by hackers looking to steal luxury vehicles.
What’s even more shocking is that the problem has been discovered in 2012, yet VW sued the researchers to prevent them from publishing their findings. After lengthy negotiations, Roel Verdult and Baris Ege from Radboud University in the Netherlands and Flavio Garcia from the University of Birmingham have received permission to present their paper with one redacted sentence this week at the USENIX security conference in Washington, D.C.
The Megamos Crypto immobilizer transponder is used in VW-owned luxury brands including Audi, Porsche, Bentley and Lamborghini, as well as in some Fiat, Honda, Volvo and Maserati models.
Immobilizers are electronic security devices that prevent a car’s engine from running unless the correct key fob (containing the RFID chip) is in close proximity to the car. Researchers broke the transponder’s 96-bit cryptographic system by listening in twice to the radio communication between the key and the transponder.
This method reduced the pool of potential secret key matches and allowed them to run through 196,607 options of secret keys until they found the one that could start the car. It took them less than half an hour to crack it.
The problem can only be fixed by replacing the RFID chips in the keys and transponders inside the cars, which would involve significant labor costs. Maybe that’s why automakers preferred to block the publication of the paper rather than fix the problem.
Story references: Bloomberg