Breaking a Car's Cipher
An anonymous reader alerts us to research out of Belgium and Israel that claims a practical attack on the KeeLoq auto anti-theft cipher. Here are slides from a talk (PDF) at CRYPTO 2007. From the researchers' site: "KeeLoq is a cipher used in several car anti-theft mechanisms distributed by Microchip Technology Inc. It may protect your car if you own a Chrysler, Daewoo, Fiat, General Motors, Honda, Toyota, Volvo, Volkswagen, or a Jaguar. The cipher is included in the remote control device that opens and locks your car and that controls the anti-theft mechanisms. The 64-bit key block cipher was widely believed to be secure. In a recent research, a method to identify the key in less than a day was found. The attack requires access for about 1 hour to the remote control (for example, while it is stored in your pocket). The attacker than runs the implemented software, finds the secret cryptographic key, and drives away in your car after copying the key." Update: 07/23 15:27 GMT by KD : One of the researchers, Sebastiaan Indesteege, pointed out that the link to the paper was incorrect; their paper has not yet been released to the public. I also managed to mis attribute his nationality. He is Belgian, not Dutch. My apologies.
KITT: Michael, someone's trying to hack into my operating system! Help me Michael!
GetOuttaMySpace - The Anti-Social Network
a long time ago I had a girlfriend who liked to put her hand in my pocket and had access to my master key for hours. one day she took something from me using the key, but it wasn't my car
"Little does he know, but there is no 'I' in 'Idiot'!"
Sorry, we can only communicate through analogies to either automobiles or door locks. Discussion of actual automotive door locks is therefore impossible, and referring to Belgium as "the Netherlands" will have to be the site's sole contribution.
What I'm listening to now on Pandora...
It's the Netherlands, not Holland.
Knowledge is power. Knowledge shared is power lost.
It is however an understandable mistake to make, as most Dutch know very well, you can't expect Belgians to figure these things out.
But than again, it's not like linking to a
You bastard.
This being Slashdot though, all the cryptography "experts" will tell us how things should have been implemented.
A Beowulf cluster of keys (bound by a token ring) would make it difficult to interrogate any specific key.
I am becoming gerund, destroyer of verbs.
Basically, these electronic-chips-encrypted-stuff-on-the-car-key aren't meant to make it any harder for a car thief to get your car. It's just there to manage to increase the penalty for car theft.
Car theft isn't that much of a crime nowadays. However, breaking the cipher will net you a DMCA violation and such things will carry the death penalty pretty soon.
After 3 days without programming, life becomes meaningless
- The Tao of Programming