Slashdot Mirror
Car RFID Security System Cracked
jmichaelg writes "The NY Times reports that the security chip in new auto keys has been cracked. A team at Johns Hopkins have found a method to extract the 30 bit crypto key that tells your car that the physical key in the ignition switch is the correct key. Texas Instruments has sold some 150 million security chips that are stored in the car key. The devices are credited with reducing car thefts of some car models by 90%. Stealing a crypto key requires standing next to the victim and broadcasting a series of challenges to the key and capturing the responses. The team claims an iPod-sized device would suffice to steal the crypto key in under a second. They advise wrapping your keys in foil when you're not using them. TI admits the team has cracked their code but denies there's any problem."
No problem? Come again?
Good thing I always keep my keys wrapped in tinfoil.
The difference between spam and poop is that you don't have to dig through septic tanks looking for real food. -- Me
Click that link from here: http://news.google.com/news?hl=en&ned=us&q=rfid+cr acked&btnG=Search+News
I have an excuse for the tiny tin foil hat or my car key.
Folks there is nothing to worry about, nothing to see here-OH MY GOD WHERE IS MY CAR?
Thieves go for the easiest target.
Should they hotwire a car they need to steal an RFID code for, or the one (Like mine, sadly) that you just have to hardwire... or jam a screwdriver in the ignition and twist...
You know the world's coming to an end when a team of security experts from a respected institution advises wrapping your car keys in tinfoil so the Bad Guys can't intercept the secret signal!
That's it. I'm no longer part of Team Sanity.
Seriously, who makes any kind of security device with only a 30-bit key any more?
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
Lot's of things are possible. Will any statistically significant number of people try this? And how many will be successful? Not many. It's still safer than a regular key system, people should lose sleep over more realistic problems.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Isn't who the heck uses such a small secutiry key, but who the heck makes one that broadcasts at all? A metal key in a metal ignition has no reason to broadcast its code through the air!
~~ Please keep your arms, legs, and outright stupidity inside the ride at all times. Thank You ~~
You know, I'm starting to wonder if there was something to all those old sci-fi movies and tv shows where the characters were all wearing shiny tinfoil-like clothes. Perhaps in the future we will all be wearing stuff like that to prevent others from wirelessly stealing our keys/wallet/identity, etc.
All you'd have to do is put a towing company logo (or something made-up and likely-looking), and who'd say anything?
And take your time getting ready to leave, because the very worst that'll happen is that someone'll come back early and bribe you into leaving.
Carousel is a lie!
Does this mean I might no longer have to pay the dealer $80 each for duplicate Honda Odyssey keys? Because that would be nice.
p
In Korea, long hair is for old people!
Dude, where's my car?
paintball
I worked as a locksmith for awhile and getting those keys made is expensive to say the least. Plus you need a transponder machine to encode a key with the correct information. And they don't come cheap. Where I live it's usually over a $100 to get a new transponder key made and some dealerships charge around $60-$70 to make you a new one.
Risk everything, or gain nothing.
I'm already wearing a tin-foil hat, and it has a hidden inside pocket. Voila, problem solved!
You've never parked a $30,000 car in or around NY City, have you? Every day, dozens of cars are stolen, and either chopped or loaded onto some form of transport and shipped somewhere else. I know people that have had it happen, and one person, it's happened twice. The police can't catch them, or don't care. If you have a car that is "wanted", then it's gone. And it doesn't have to be expensive, or new. Mitsubishi mid-range SUV, several years old was one, and a Sebring convertible, 1 year old was the other. Both in the lower east side of Manhattan, but it happens everywhere. For these 2 cars, both were gone from the street during mid-day in less than 30 minutes' time.
Those of us who ever tried to figure out what a certain poorly-documented register on an ASIC really does, and enjoyed it, please read on:
http://www.rfidanalysis.org/DSTbreak.pdf
Fortunately for me, my sig is RFID enable... oh crap.
Ok, so anytime encryption is cracked it lessens security and this is definitely bad publicity for TI. However, this will not have car theives coming out in droves to steal cars that utilize "smart" keys. Here is what's required to defeat these keys:
The theif must know who the owner of the car is.
The theif must get close to the owner to challenge the key and crack its code.
The theif must break into the car, and hotwire the car as he would to steal any other car (he still doesn't have the physical key).
We're talking about car theft here. Stealing cars isn't like the internet where you can "ping" a huge range of potential targets in seconds. Theives will still pass over the smart key cars and move to the ones they can steal without stalking the car's owner. I think TI can safely deny that there's a problem without being compared to Microsoft.
--David
First, it was suggested that you wrap your newfangled passports in tin foil. Now it's car keys. I guess it's time for Calvin Klein, Gucci, DKNY and other designers to release their line of tin-foil clothing. Or how about clothing with pockets reinforced with tin foil?
/me runs off to patent office.
Wait, that sounds like a profitable idea.
Poor security schemes deserve to be cracked, and the companies that support them ought to lose business accordingly. I don't support car theft, but the company that produces these chips are the real theives - recieving payment for security that they don't provide.
While in the short term White Hat hacking may be detrimental to security, in the long run it is a driving force behind innovation.
the old method requires you stand next to the person with the key and hit them on the head with a shovel.
more effective, but not as 1337.
Where's Robin Hood? We could kinda really use him now.
First off, the key doesn't use static from the ignition. Read about this baby that swallowed a key to have that bit set straight.
Secondly, responding to the parent of this post's parent, a neighbor of mine who owned an Integra Type R (that, it just so happens, was exactly like mine) had his car stolen in under two minutes while mall security guards watched. The monkeys smashed the window, opened up the passenger floorboard, snipped the immobilizer lead, shoved a screwdriver into the ignition, and drove off.
The very next morning his car was found, minus its motor and expensive bits, rolled over, several times, into a lake. That he didn't have insurance at the time doesn't make the implementation details of immobilizers more or less important. Improperly implemented, these chips are about as potent as Master locks on chicken-wire fences.
"The team claims an iPod-sized device would suffice to steal the crypto key in under a second."
Is that the 40GB iPod, 20GB iPod, iPod Mini or iPod shuffle?
From the NYT article:
"The "immobilizer" technology used in the keys has been an enormous success. Texas Instruments alone has its chips in an estimated 150 million keys. Replacing the key on newer cars can cost hundreds of dollars, but the technology is credited with greatly reducing auto theft."
I think this is more of a scam to sell expensive keys than anything. I'll take my five dollar key and my chances.
You said "security they don't provide." I have an issue with that. They do provide security... and by reading the article, damned good security. The article reports that thefts of certain vehicles that use this technology have decreased by as much as 90%.
Are you asking for *unbeatable* security? Because as far as I know, there is no such thing unless it uses quantum cryptography.
According to the article, not only does a person need to have specialized equipment, specialized knowledge, but they also need over an hour of computing time, in addition to having to hotwire the car and knowing how to input the code.
"The company that produces these chips are the real thieves" my ass.
My parent's new Prius has absolutly no ignition at all just a "Smart Key" that automatically opens the car when it gets with in a set distace. And once inside they key remotely enables a button that you push to start the car. I don't know if it's the same chip but if you could get that code remotely it would make it very easy to steal a 2005 prius. I mean walk up, open the car, sit and bush a button.
Who knew chewing gum could actually provide an additional benefit?
:)
MacGyver did.
love slashdot. populate it. use it. abuse it. hate it. kill it. miss it. stop following links, they only kill servers.
Meh? Yes, I'm being practical, and so should you. All security can be defeated. I'm neiter attacking nor defending the 'white hats'.
The original poster heavily intimated that the company should deliver unbeatable security... an idea that is at best naive, and at worst demonstrates complete unfamiliarity with the whole concept of security and encryption.
You have to realise that AES 256 takes some rather beefy hardware to implement. Even 3DES is non-trivial. Now it's all no big deal when you talk PCs, they've got power to spare. However when you are talking embedded apps, it's different. In this case you are talking a VERY tiny chip that obviously must have very low power requirements. This places realistic limits on what it can do.
Also, when you get down to it, it's probably good enough. We aren't talking military secrets here, we are talking a car. The point isn't to make it unbreakable, because that's worthless, it's just ot make it harder to steal the car. You can't make a secure car. No matter what you do, someone can find a way to override it and steal your car. What this does is add a layer of security that makes it much harder for normal thieves.
Physical security isn't like virtual security. We get so used to haveing essenitally perfect (until someone finds a hole) virtual security, some expect the same thing in the real world. No, actually basically all real security has known flaws when it's setup. However the difficulty in bypassing the security is considered to be higher than the reqard in doing so, if the security is good.
Like for example I ahve a Medeco lock, and we use the same kind all over campus. Medeco locks aren't like normal locks, they have a biaxial pin system that makes them a real bitch to pick. Also means normal key copiers can't handle their keys. On top of that, Medeco patents and dilligently controls key distribution. You can't, in theory, go and get a copy of a Medeco key made without being the authorized owner of the lock.
Well it's easy to find a way around that. Ignoring other ways in my house, one could simply bribe/corerce my roomate out of a key. While you couldn't easily copy it, the key itself would still be perfectly usable for getting in.
Why then, would I pay a premium price for this lock, if I know it's not perfect? Because it's better than most. It does mean that my roomates can't copy the key and hand it out to girlfirends or the like, and it'll take a lot more physical abuse than a normal lock. It isn't perfect, but it's better.
That's what you have to deal with in the world of physical security. You just try to design a system that it good enough to thwart whoever might want to circumvent it, make it not wroht their while. I mean realise that even if this had an uncrackable code on the keys, you can wire around it, given time and skill. The engine is still just started by a simple electrical connection. It's not easy to access what you need to make it happen, but it's easier than you might think.
Basically, I'd rather have a weak crypto key that's feasable to make than nothing at all. Most people aren't going to pay for an expensive seperate crypto unit that is physically fairly large, which is what you'd need to do strong crypto at this point. So put weak crypto in the key, which is still better than most cars (a screwdriver is about all one needs to override the key on my car) and it helps.
In some countries, car theft is not just something that happens occasionally - it's an industry. And as in all industries, there are the rank amatuers and the pro's - For the pro's, this looks like a good option.
:)
:)
Consider South Africa - an entire arms race grew up around car theft. First the thieves just took cars when they were parked, so the insurance companies insisted that everyone have alarms and immobilisers.
The thieves got around those pretty quick - rumour is that a lot of professional's signed up for work at installation centres, learnt their way around them, and went back to work.
Next step was the gearlock - a device that locks the gearstick into a specific gear. IIRC, you couldn't remove the key on the earlier units unless you had the gearlock in, and if your car was stolen, the insurance company insisted on seeing all 3 keys.
Now with cars being so hard to steal, the age of the hi-jack was ushered in. If they can't get your car while it's parked, they'll take it while it's roll rolling.
In response, anti hi-jack systems became the norm. I can't remember how it was activated, but basically the bad guys show up, you let them take the car, they roll 20 metres down the road and the car cuts out and an alarm starts going off.
Around the same time we also go Satellite tracking, although I seem to remember something about it actually using the cellular infrastructure (GSM) not satellite - I may be wrong on this. Initially, the recovery rate on stolen and hi-jacked cars went through the roof. Unfortunately, the bad guys just upped the stakes. Soon we started seeing more kidnappings and murders as part of hi-jacks because if you can't call the stolen car in, they have longer to chop it.
Many vehicles were stolen to order, and not just new cars. Older cars that were common on the road were often targetted, then broken for spares. Cars that you wouldn't normally think twice about were stolen for export to Botswana and Zimbabwe, because the availability of spares for these made them popular vehicles.
Of my close circle of family and friends, we have had at least 10 cars stolen. Of those, not a single one has been recovered, so it's not a huge risk occupation really
I'm willing to bet that if this flaw is used anywhere, it will be used in South Africa - it's just one more tool for the biggest growth industry around
Coming soon to a Pocket PC near you!
On the plus side, TI can file John Doe lawsuits against the thieves (for DMCA violations, of course) if your car is stolen.
Since when is using a 30 bit encryption key a good idea? Keys like that are something that do not take all too long to break with our fast computers. Why didn't TI use a 128 bit or 256 bit key instead? It's supposed to be protecting a car so I'd expect them to use something pretty strong.
Nevermind the cars, it is the other applications that are more important. Yes, this crack might actually be used to steal some cars, but I doubt it will become prevalant. As was pointed out in the article and other posters, the physical part of the key provides additional security, and the flatbed tow truck and other techniques are much easer methods to use.
However, it is much more of a problem in other RFID applications, where the RFID chip is the only key, e.g., highway toll tags (Ezpass), credit card replacements (Exxon/Mobil Speedpass). Sure they say they have backup security in place, such as Speedpass' 'only two fill-ups per day'. But this can still allow for a lot of fraud.
Worse yet, as was the case with identity theft, the the first victims will find it VERY HARD to clear their records and accounts; they will be presumed to be lying until it is common knowledge that the RFID is not secure.
I've implemented the 128-bit AES algorithm in a PIC16F873. Here's the Microchip page with the app note and source code. The app note has performance metrics - 5273 cycles to encrypt; 6413 to decrypt (section 6, page 14.) My implementation, written from scratch, has comparable performance.
Since the PIC is a single-cycle execution unit, clocks correlate directly to real-time once you spec the operating frequency. At 40kHz clock (=10kHz instruction execution frequency) it'll take 527mS to encrypt one 128-bit block of data. Similarly, a 400kHz clock results in a 52.7mS block excrypt time. A maximum of 41-bytes of RAM are required for either encode/decode operations.
The claim that AES requires substantial hardware is bogus. AES is designed to be byte-processing friendly. It's much nicer than dealing with the bit-oriented DES and 3DES standards, especially in an 8-bit microcontroller environment.
I work in the smart card industry. You can buy smart card chips that do 3DES and 2048 bit RSA for less than a dollar. You can buy a complete contactless card (what idiots here would call RFID) that has a Java operating system, does 3DES in less that 70 milliseconds and does RSA with on card key generation for about $6, and considerably less than that in volume. These chips have specialized hardware to speed and secure the crypto operations, but any 8 bit processor with some storage can do 3DES in a reasonable amount of time.
As for AES, it was designed to be able to be run on smart cards and there are implementations of it.
In short, strong crypto on a keychain is feasible. I have half a dozen keyfobs on my desk right now that do it. The reason for the 30 bit key probably has more to do with export regulations involving the US and Japan than any technological problem.
Lasers Controlled Games!