Mobil SpeedPass, Various Car RFID Car Keys Cracked
44BSD writes "Crypto-enabled RFID products, including Mobil SpeedPass and various car keys, have been defeated utterly by Avi Rubin et al. Details are at rfidanalysis.org. An academic paper is also available."
Car RFID Security System Cracked
The best part of subscribing to Slashdot is watching CmdrTaco post multiple duplicates in a row, then giving up and posting a dupe anyway. Before this story, a dupe of the Super Bowl .com ads story was set to run. I had a ready made "Duper Bowl" joke, too.
Hey Taco, when's the last time you read your own site? Oh wait, why am I asking, you'll never see this.
And the NY Times story from yesterday's slashdot story on this same crack by the same team.
It was only a matter of time...
Damn it. I feel so inferior. My car keys defeat me as soon as I put them down, and suddenly they're not there anymore.
It's a conspiracy I tell you!
The Mothership
The car keys aren't such a big deal, because you'd also need the key itself for the mechanical part of the lock. The speedpass IS a big deal, because it's single-factor authentication, and people could go around charging gas to your account.
No no... this isn't the SAME... See, that article was about car RFID tags being cracked. This is about car RFID tags being cracked AND Mobil's Mobile pass (which uses the exact same chipset as the car RFID tags).
So, y'see? Different.
Maybe some form of RFID can help the editors avoid these duplicate articles.
Yes, it's a dupe, but forget about that, take a look at Avi Rubin's home page. Scroll down to that Peer-to-Peer book cover... It says with multiple authors... Does that look odd in a gay orgy kind of way to you too?
Then perhaps it should've been written as a follow-up to the previous story and ONLY mention the new information?
These companies take a bunch of average coders and then ask them to create a secure program/toy/whatever. They almost certainly do not get true expert help. Then lo and behold, it gets cracked. And I am willing to bet that top ppl are surprised.
I prefer the "u" in honour as it seems to be missing these days.
Hey the lead singer of U2 helped crack this stuff too?
At least that's the first name on the paper: "Steve Bono". Why did the poster mention Avi Rubin first? Instead of Bono et al.?
LOL
"Now Hiring: Computer Scientists Required.
Experience Needed!
Actually, I'm guessing this Avi guy will be picked up by a car technology company relatively quickly...
They apparently tested one of their devices at an actual Mobil station. Will the Ashcroft/Gonzales Army arrest these guys?
Nope -- not this time, but thanks for playing!
I've said it would happen, that's why I don't have one. What's also a matter of time is the cars that have the remote start, so you could be in your house on a snowy day and turn your car on so when you get to it it's already heated up. I'm really surprised that they haven't been cracked by car thieves.
I'm probably going to get modded into oblivion for saying this.... But why don't people just not read dupes? I mean, it's not really hurting you that it's there...and some of us didn't see the first one, but see the second one. It just doesn't seem worth complaining over.
Before you mod me funny, think, perhaps I was insightfully funny?
Preemptive anti-slashdotting. There's a bunch of large movie files linked to from the article. Use the mirrors or the coral-ed links.
http://rfidanalysis.org.nyud.net:8090/
Why does the slashdot summary say the work was done by "Avi Rubin et al." when Rubin was the 5th out of 6 authors on the paper? Why not say Steve Bono et al., since he was the first author?
different. Absolutely.
We like Avi Rubin. (Even though he's named fourth on the RFID paper, we credit him with the find.) He helped expose the theft of the 2004 election by George Bush through the clever use of evoting machines while denying that the Venezuelan election was stolen through the clever use of evoting machines.
"The car keys aren't such a big deal, because you'd also need the key itself for the mechanical part of the lock." Not true, one of my cars has a function called "Keyless Go": just have a credit card type device on you and the car unlocks and starts at the press of a button. I am not sure if it's using RFID though. No information on that. But it is using a similar technology for sure.
The electronic keys from Mercedes are a good example of this done right. The key has an IR transceiver at its head that exchanges one time codes with the car when the driver begins turning it. The received code is saved for next time and can't be intercepted without getting physically between the head of the key and the transceiver inside the lock. Even then, an intercepted code would have to be used before the victim returned to his car. Who is going to do a complicated install of capture equipment into a fortified lock at location A and then follow the victim to location B to steal the car? It's just far too conspicuous.
Mercedes overhauled security, rather than tacking on a secure by being obscure layer to the existing crackable standard - TI Immobilizer systems don't require advanced physical access, just proximity to the key at least an hour before the moment of a heist. Even worse, once the key is cracked it won't change either, so criminals can wait to strike and further avoid notice. Just wait till a tiny RFID scanner and a usable cracking program show up in the black market. A laid off engineer has too much potential to make dough with the ideas that have been released. The program could even do distributed processing on a broadcast LAN or via P2P.
Now someone is probably going to point out that they'll be laughing when the fancy Mercedes key runs out of batteries and leaves its owner stranded, but this isn't the case. The key can receive power from the car despite not having any visible metal contacts - likely because there is a coil embedded in the plastic key that will get power inductively when the key is inserted - without any wires [slashdot.org]. It's news on slashdot, but it's been shipping since 1997, and much longer before that for other applications.
As if that weren't it, the key doubles as an RF remote for locking/unlocking doors, popping the trunk, and a panic function. But wait, there's more: the IR transceiver portion of the key, when aimed at the driver door, can open, close, or place anywhere in between all the side windows and sunroof at once. Great for getting into the car on a hot day or sealing up all the windows as you leave. Impressive what they've put usably into a key, albeit oversized.
Finally, despite using a radically different model, Mercedes cleverly applied the familiar form and usage pattern of the existing standard to bridge it with the new one - a nice touch for user comfort without any compromise to security. Well engineered indeed.
I think I just found the most advanced, compact, yet inexpensive automotive security system ever. I managed to get a photo, which is here.
... is that they reverse-engineered the design of the cipher using just black-box access!
Reverse-engineering can be easy enough when you have some assembly code or a piece of hardware, but these guys figured out the internals just by looking at input/output pairs. (OK, they had a rough description of the design, but it was lacking almost all details and was even inaccurate in places.)
That's really clever -- and really underscores the idea that "security through obscurity" tends to fail terribly. (TI probably thought that the use of a proprietary cipher provided a lot of security, so they didn't worry so much about key length. Foolish, but common, reasoning.)
oh wait, they already did it.
If you think he doesn't read his own site, what makes you think he reads the comics?
What did you eat today? http://www.atetoday.com/
The best line of the story: keep your keys wrapped in tinfoil just to be safe. First there were tinfoil hats - now tinfoil wrapped keys! Where will this madness end?
I think it's only after someone's witty, well-thought posting gets moderated redundant that people get the bug up their nether region about redundancies of the "editors".
;-)
It also goads future postings into becoming poorly-edited, formulaic, nonsense as long as it can be posted quickly.
Quod erat demonstrandum
I think Mobil anticipated this. They started requiring you to enter your ZIP code at the pump a few months back.
--- Ban humanity.
I'm wondering.. when the RFID chips get a signal from the reader (eg: a mobil speedpass challenge/response), the speedpass obviously has to do some computation on the limited RF energy that it's been given, and then return the answer.
I know vaguely how CPUs do these sort of calculations, but how do you HARD wire a system to do that on so little energy ?
Do the energy requirements go up w/ keysize ? The complexity of the circuits?
Do these things have some sort of static flash ROM ?
In the case of remote starters, being able to start the engine remotely might help a bit but a thief still has to break into a locked car and unlock the steering wheel.
Seriously. Why would Mobil build and support an RFID system protected under a 40 bit key? I thought at the very least those speedpass systems had a 64 bit key.
I know that encryption isn't that important when true physical contact is involved (such as most credit cards, which have no encryption protection but are starting to get some with smartcards) but when it comes down to something that basically broadcasts a credit card number, you would think that mobil would be a bit more concerned about it.
If I had a mobil speedpass I would be concerned, since a small device placed on top of a gas pump could easily passively eavesdrop on your speedpass and pass that information to would-be criminals.
The car key, although just as disturbing, isn't as important to have a strong key for, since it would involve way too much work to basically steal one car. To do it you would have to somehow read the signal from the key by bumping into the person leaving the car to actively scan their rfid signal (passive eavesdropping would not work well since it only sends the signal at startup when the person's going to be driving away), decode it, and then use it to start the car once you bypass the physical key. It would be much easier and faster to steal a car without an immobilization system than to bypass it.
In Soviet Russia, Trojan exploits YOU!
This a dupe article dupe!
From the article:
"In preliminary experiments, we have achieved an effective range of several inches for a DST on a keyring in the pocket of a simulated victim using a tiny antenna."
So nobody's sitting in a car across the street from a Mobil or Exxon station picking off your SpeedPass info when you tank up. I rather hope you'd notice a guy walking too close to you on the street, carrying a laptop and pointing an odd-looking round antenna at your pockets.
I remember when SpeedPass first debuted, you had the option of a keyring, or a transponder box that looked large enough to be able to house a battery and was to be stuck to your rear windshield. I don't think they offer those anymore, but the Mobil station I use regularly still has the antennas for them-- they stick out from the top of the pump and hang over where the car being fueled parks.
The question is, were the transponders discontinued, and if so, why?
Was it because people were getting their windows smashed so the transponders could be stolen?
Was it because the greater communications range meant a greater risk of having the info within it cloned from a distance by clever nogoodniks?
Or was it just because more people opted for the keyring and the transponder was unpopular (probably because people realized they'd have to take it with them when they left the car or risk having their window smashed by a thief)?
This story is similar to the car key RFID system being cracked but if you look carefully the content is actually different and provides a more technical perspective to the situation. The other one was fluff compared to this. People here need to stop being so nit-picky because I find that most of these "duplicated" articles are informative and contain interesting content that I would have not seen otherwise.
I am very interested about the techniques they barely mention that made a "black-box" implementation of the encryption! Does anyone have any information on this? I think that is the most amazing part of the article, but they go into no detail.
This would probably be more useful for irritating car owners than for theft.
BTW, do these really exist?
# cat
Damn, my RAM is full of llamas.
Here's my question: Will this apply to toll road "speed passes" too? Does this mean that someone can charge up my account driving around all the tollways broadcasting my id? That could be a huge problem when we don't find that out until the bill arrives... and no verification to enter to make sure it's you (that would defeat the purpose of the speed pass). And a whole lot of time and money to go back and fix that system!
Chris
http://www.freeminimacs.com/?r=14620338
Oh shut up. It's the same story. If you had actually read the original, you would've found your way to the same information.
It's a dupe. CmdrTaco doesn't the his own website and he ignores people that pay for it.
The way the current trend has been going, for any given security feature, it will be only a matter of time before someone cracks it. Lately the talk has been about biometric security coming out, and now I am wondering how long it will be until those are cracked as well.
Sounds great... But unless they can run away from flatbed trucks... They are totally useless.
The point is this:
If someone wants to steal your car, they are going to steal your car.
It is fairly rare to have a car stolen for "joy riding" now a days... It is much more common for cars to be stolen for parts or to be shipped overseas.
Either of these scenarios implies that criminals are looking for a specific model, meaning they will know how to bypass any stock security systems. Or they will just throw the $100k car on a flatbed and completely avoid the security system.
Can anyone say that they are surprised? All wireless technology can be hacked.
I own a 2002 Toyota, which I bought used, and which came with ONE transponder key.
Toyota wanted $45 for the blank. And $95 to "program the key for the car". My brother has a Mitsubishi, they wanted even more.
It turns out that if you can obtain a blank, you can usually program your car yourself to accept the key.
And it turns out that there is a very nice market for these key blanks on ebay. Search for transponder key and your vehicle's make and model. The going rate is about $20.00 and the key blanks usually come with all the instructions you need.
I bought two blanks for $40, and three days and 20 minutes later I had three working keys for my Toyota saving me over $200 from what the dealer wanted.
Maybe if the editors were doing their JOBS that they get PAID FOR, they'd have recognized this fact and only let one story through--the one that would best meet the expectations of their audience.
Oh wait, we don't have any expectations, because they behave like morons 90% of the time.
7 November 2006: The day Americans realized corruption and incompetence weren't addressing 11 September 2001
Yes, remote starters exist. They're used by people to warm up or air condition their car before they get in it.
Remote starters? Yes, they exist. They've been on the market for years, maybe even decades. The new Chevy Malibus have them as a factory-installed option, and I'm sure other new cars have them, too.
Why isn't cmdrtaco.net W3C-standards-compliant?
"Our attack on the DST cipher by no means implies wholesale dismantling of the security of the SpeedPass network, nor easy theft of automobiles." But for $3,500 a thief could effectively use this device and a dent puller to steal a car. Nice - all this does is give us a more technically adept thief.
You can't drive the car after it has been started with a remote starter. Unless you insert the key as soon as your press the brake it shuts off.
I suspect that even with the immobiliser key fob, you would have a bit of work to do to get the car started. Bear in mind that you have to get into the car without setting the alarm off, which locks out the engine management ECU on most cars. Then, possibly with the alarm going off, you have to get the steering unlocked (tampering with the lock will usually just jam the bolt in place), reset the ECU, get the car started, and drive off.
Let's just ignore for the moment the way you can disable the immobiliser on most BMWs with a 6" bit of wire...
How much do you two whiners pay for reading Slashdot? Contribute much?
Techies can be so bloody whiny about their free content...
Well it's not that easy, but there are some benefits of remote start besides not freezing your ass off.
A couple years back, my sister started the car from her house on a cold day, she gathered her kids and went to go out to the car... which was by then enveloped in flames.
-William Shatner can be neither created nor destroyed.
Excuse me? They make money off me cause of ads dont they?
When I get "duped" into something even if it's free I'm going to complain, cause hey my time's valuable you know.
Ok, now I'm off to sit on the couch and eat Cheese Ritz.
What makes you think these products were coded by chimps? Are you telling us that it is possible (for you perhaps?) to make crypto-secure RFID products? This is simply an inappropriate use of RFID, and regardless of the quality of the engineers working on these toys, the decision to go with this misuse of technology almost certainly came from the Suits upstairs.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
People here need to stop being so nit-picky because I find that most of these "duplicated" articles are informative and contain interesting content that I would have not seen otherwise.
.. through something whacko out there and the masses will follow.
Most of these "duplicated" articles???
Oh Puh-leeze. This is about the first time that a "dupe" has been (controversially) miscalled. A good 90% of dupes that people complain about are text for text dupes. So don't try to act like the exception is the rule.
Who cares though
I for one, would like to welcome our new Gay Overlords.
Hey all --
Sorry to have submitted a dupe. I don't read the NYT, and I saw this via a somewhat esoteric web site, and when it wasn't up on today's /. already, I figured it hadn't been submitted. My bad for not reading /. yesterday ;^).
Anyway, the obvious thing to do is see what domain names Avi and cohorts have registered recently, to see what they will obliterate next.
If this guy hooks up with Matt "Locksmiths ph33r my 7eet sk1llz" Blaze (linkage) it will be rather amusing.
On a serious note, why don't these firms just hire Avi, Ross Anderson, or Markus Kuhn up front, and save embarrassment and retooling?
Sounds like a brief summary of my sexual life history..
God.. I am a pathetic little man who spends his time reloading slashdot and mass storing porn to a 2 terabyte raid system.
At least I'm not alone here..
Who moderated the parent OFFTOPIC? Since the article is a dupe, it seems to me a comment about it being a dupe is about as on-topic as you can get.
Ignorance is curable, stupid is forever.
Look at the Awards page.
The last time /. got an award was about the same time it started going rapidly downhill..
Except all newer Mercedes have mercury switches that detect tow-away. Won't stop you putting it on the flatbed, but you still have to disable the security system before the car calls home and gives the cops a nice sub-meter fix on your chop-shop.
My understanding is that the handful of high-dollar Mercedes that get stolen every year are almost always taken by carjackers. With all the security measures, it's much simpler to just box somebody in at an intersection, put a big gun against the glass, and ask politely for the keys.
Just in case this site gets slashdotted, I setup a quick mirror of the research paper: DSTbreak.pdf
The best part of subscribing to Slashdot is watching CmdrTaco post multiple duplicates in a row...
Actually, what's even better is getting a chance to re-read a great article. Sort of like a good book.
Ok, well, maybe not.
so let me get this right we get fluffed up dupes if we subscribe?
A Bush supporter demonstrates their typical social skill.
Well, with such a Jewish name what did you expect! GO Jews!!!
This is the ultimate in car protection
Should be installed in all of America's cars by 2006.
A loop, by its nature, continues. If that didn't make sense, start reading this sentence again.
Your comment is extremely misleading.
You'll notice most of the awards are for "New Site". i.e. The awards are usually given out as a way to make other people aware of the site. Slashdot's "new" phase is over and most people know about (most people who would care to know). You don't see Google getting awards now, do you? How about eBay, yahoo, etc...?
As a matter of fact, many newer Mercedes incorporate an anti-tow immobilizer, which kills the entire ECU when the angle of the car changes within a predefined range. The immobilizer is activated manually using a button after the car is parked. Although I agree the money in theft is in parts, not an entire car.
In my experience, remote starters will start the engine, but are wired such that any attempt to put the car in gear without an actual key present in the ignition will cause the car to shut down again. So it would be a great way for a thief to make a fair amount of noise before he's actually ready or able to drive away.
>CmdrTaco doesn't the his own website and he ignores people that pay for it.
And you don't the your own posts.
I think there's a motivation for abuse that nobody's mentioned yet: mischief. Sure, if I'm a bigshot car theft ringleader boosting expensive autos into semis and shipping them out of the country I don't much care about this little development. But if your cow-orker leaves the key to his shiny new car in a fixed location, even his own pocket... and you just happen to already be an electrical engineer...
"There are hundreds of game theorists at the gates, sir, and they want to hold an election!"
... RFID isn't ready for the public? Which encryption algorithm are they using for RFID? You'd think they'd use Blowfish, IDEA or AES.
I am leaving. I encourage you all to do the same. Fark is much better quality. The editors actually read the site!
What do you want, a retinal scan? Short of having some human examine you, your ID, and your other bona fides to vet you, systems like these will always be crackable. Get over it, life has risks.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Yes, I posted this yesterday. I don't use a key to start my old car. If anyone figures out how to start it, they are not going very far, even though I use it as a daily driver to get back and forth to work.
Trust me, this is a 30 year old car, and you would not get far, unless you have a better swear word vocabulary than I use to keep it going. I am running out of swear words, and each day is an adventure. I get to work, but by then I am really mad, having to put up with that piece of *hit. (Don't let it hear me, or tomorrow will be worse.)
Finally, when my miserable day at work ends, and I can go home, it is waiting for me, ready to crank right up, and start the fun. No one else, though, would get any fun, or very far along the road, let alone a mile or two. No key needed.
With the price of gas hovering around 2 bucks a gallon here in the midwest, all i can say is 'cool, free gas for all!'
---- Booth was a patriot ----
YIKES! =\
My sister has (had?) an '88 Ford Escort with one of the defective ignition switches that could start a fire. I tried to tell her about it, but she kind of brushed it off as if it was no big deal.
Your sister had a hit put out on her head?
I have a 2004 GTO and a 2000 T/A and neither have had this problem.
In fact a remote starter was the subject of a recent "Car Talk" call... some woman had bought a used car with a remote starter and had found it started erroneously in her driveway on several occasions. She hadn't been using the starter herself and theory was some random neighborhood device was starting it up every morning. Am guessing this is a non-crypto model though.
Actually, I'm not 100% certain, but I think I recall reading that the remote starters in cars generally use some type of rolling authentication code - so it's not especially easy to crack.
(At least, you're not going to get anywhere by trying to capture the radio transmission off someone's keyfob and duplicating it, or that sort of thing.)
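The Mercedes comment above (one time codes exchanged at the lock) and the remote-starter comment (rolling authentication codes) both describe the same defensive idea: the car never accepts a value it has accepted before, so a recorded transmission is worthless on replay. The following is an added illustration written for this thread; it is not code from the page, from Mercedes, from TI, or from the DST paper, and it does not reproduce any of those systems. Everything in it is an assumption chosen for clarity: a 16-byte shared secret, a random 8-byte challenge, and HMAC-SHA256 truncated to 8 bytes as the response. It also includes a deliberately weak "static tag" that just broadcasts a fixed identifier, the situation the SpeedPass poster compares to broadcasting a credit card number, so the two behaviours can be compared side by side.

```python
"""Challenge-response with spent-challenge tracking versus a static tag.

Added example for this thread; constructed, not any vendor's protocol.
"""
import hashlib
import hmac
import secrets


def mac_response(key: bytes, challenge: bytes) -> bytes:
    """Fob-side computation: keyed MAC over the car's challenge (assumption:
    HMAC-SHA256 truncated to 8 bytes, purely for illustration)."""
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]


class Fob:
    """Key fob holding the shared secret; it never transmits the secret."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        return mac_response(self._key, challenge)


class Car:
    """Verifier side: issues a fresh nonce per attempt and refuses reuse."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = None   # challenge currently awaiting a response
        self._spent = set()    # challenges that have already authenticated

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(8)   # constructed nonce
        return self._pending

    def unlock(self, challenge: bytes, response: bytes) -> bool:
        # Reject anything that is not the live challenge or was already used.
        if self._pending is None or challenge != self._pending \
                or challenge in self._spent:
            self._pending = None
            return False
        expected = mac_response(self._key, challenge)
        ok = hmac.compare_digest(expected, response)  # constant-time compare
        if ok:
            self._spent.add(challenge)
        self._pending = None   # exactly one verification per challenge
        return ok


class StaticTag:
    """Weak design for contrast: the tag always emits the same identifier."""

    def __init__(self, ident: bytes):
        self.ident = ident

    def emit(self) -> bytes:
        return self.ident


class StaticReader:
    def __init__(self, ident: bytes):
        self._ident = ident

    def accept(self, value: bytes) -> bool:
        return hmac.compare_digest(self._ident, value)


def legitimate_unlock(car: Car, fob: Fob) -> bool:
    c = car.challenge()
    return car.unlock(c, fob.respond(c))


def replay_attempt(car: Car, fob: Fob):
    """Record one genuine (challenge, response) pair, then replay it later.
    Returns (genuine_accepted, replay_accepted)."""
    c = car.challenge()
    r = fob.respond(c)
    genuine = car.unlock(c, r)
    car.challenge()            # the car has moved on to a fresh nonce
    replayed = car.unlock(c, r)
    return genuine, replayed


def wrong_key_attempt(car: Car) -> bool:
    impostor = Fob(secrets.token_bytes(16))   # constructed unrelated secret
    c = car.challenge()
    return car.unlock(c, impostor.respond(c))


def static_tag_replay() -> bool:
    """Same recording trick against a fixed identifier: replay succeeds."""
    ident = b"constructed-id-01"
    reader, tag = StaticReader(ident), StaticTag(ident)
    recorded = tag.emit()      # what an eavesdropper would capture
    return reader.accept(recorded)


if __name__ == "__main__":
    key = secrets.token_bytes(16)
    car, fob = Car(key), Fob(key)
    print("legitimate:", legitimate_unlock(car, fob))
    print("genuine/replay:", replay_attempt(car, fob))
    print("wrong key:", wrong_key_attempt(car))
    print("static tag replay:", static_tag_replay())
```

The point of the contrast is the verifier's state, not the strength of the MAC: even a perfect cipher does not help the static tag, because the reader has no way to tell a live transmission from a recording. The challenge-response car keeps a spent-challenge set and discards the pending nonce after one attempt, which is what makes the recorded pair useless; a real implementation would also bound that set or use a counter, and would still need a secret long enough to resist exhaustive search, which is the separate weakness the thread discusses for the 40-bit DST key.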
Michael, 'zat you?
we should round up all the comments which have the word "dupe" and auto mod them down
Don't you guys have anything better to do?
You have to factor in cost of living and average income, you can't just compare exchange rates..
And that varies from state to state, country to country.
---- Booth was a patriot ----
The thing about this I thought was interesting is that the research was sponsored by RSA Corp. Anybody want to bet that wouldn't have happened if TI had licensed an RSA algorithm?
I suppose it's a good thing that companies are competing in this way, rather than just slathering us all in layers of obfuscation and FUD.
I've actually sawn open the bonnet of a car and cut the battery leads, because the owner would not turn the alarm off. After hearing the damn thing right outside my house from 1am to 5am, tempers were getting frayed right throughout the building...
As the other poster says, the brake light won't be on. Furthermore, if you did short out the brake light, and it *was* on, all you'd do is pop the brake light fuse, which may not affect the alarm.
crack [warez d00dz]
- v. To break into a system (compare cracker).
- v. Action of removing the copy protection from a commercial program.
People who write cracks consider themselves challenged by the copy
protection measures. They will often do it as much to show that they are
smarter than the developer who designed the copy protection scheme than
to actually copy the program.
- n. A program, instructions or patch
used to remove the copy protection of a program or to uncripple features
from a demo/time limited program.
- An exploit.
Nowhere does it say that a brute force approach is considered "not cracking". Nowhere does it say that social engineering to crack a system is not cracking. It simply says "To break into a system". That means illegal or unwanted entry.
2 miles is walking distance, and yes I do walk to work (but that puts me in a tiny minority).
Maybe he's like the rest of us and blocks all posts by michael?
Maybe I'll get modded flamebait for this but I feel that's part of the reason why a lot of open source software is so damn good.
We try hard to do stuff right because we hate it so much when others don't.