With the USENIX Security conference scheduled to take place this week, several automakers can be expected to come under the scanner for their questionable security systems. Following the exposure of the possibility of car hacking of certain Chrysler Group models via their UConnect infotainment system, news has emerged that several cars from various global automakers are susceptible to theft due to a big security flaw.
It’s shocking to know that the vulnerability of immobilizer systems in certain cars was found back in 2012, but a lawsuit from Volkswagen has been preventing the researchers from publishing their findings! Researchers Roel Verdult and Baris Ege from Radboud University in the Netherlands and Flavio Garcia from the University of Birmingham, U.K., will present a paper at the USENIX conference, detailing how the cryptography and authentication protocol used by the Megamos Crypto Transponder can be hacked by high-tech car thieves.
The Megamos Crypto Transponder is one of the most commonly used immobilizer transponders and can be found in VW-Group brands such as Audi, Porsche, Bentley and Lamborghini. Several other automakers use or used this transponder in some of their models. They include Skoda, Fiat, Honda, Volvo, Maserati, Alfa Romeo, Ferrari, Kia, Opel, Ssangyong, Chevrolet, etc.
List of car models which use or used the Megamos transponder. They are vulnerable to the potential engine immobilizer flaw.
Immobilizers are security devices designed to let the car start only if the correct key fob, with its unique RFID chip, is in the vicinity. They prevent traditional theft techniques like hot-wiring the car. The aforementioned researchers managed to break the 96-bit cryptographic system by listening to the radio communication between the key and transponder. This narrowed down the pool of potential secret key matches. Running through the remaining 196,607 secret key codes on a laptop, they were able to find the correct key code that could start the car. The whole process takes less than 30 minutes!
When the researchers took their findings to Volkswagen in May 2013, the auto giant promptly filed a lawsuit to prevent the publication of the research paper, arguing that its vehicles could be placed at risk of theft. After a lengthy negotiation, the paper is now allowed to be published with just one redacted sentence.
It’s not going to be easy for the automakers to fix the affected cars, since doing so involves replacing the RFID chips in both the key fob and the transponder in cars that were manufactured several years ago.