Feeds

Wikipedia-reading boffins jimmy keyless door to entire universe

Your car, your garage, and your office unlocked

The essential guide to IT transformation

A team of German scientists say they have cracked the encryption of a device widely used in keyless entry systems that electronically secure cars, garages and office buildings.

The finding by the scientists from Ruhr University in Bochum, Germany, means it is now relatively straightforward to clone the remote control devices that act as the electronic keys that unlock these restricted areas.

In a paper published earlier this week, they demonstrated a method they say completely breaks the encryption used in the Keeloq security system, which is used by manufacturers of cars, garage door openers and other devices. The hardware-based block cipher is made by US-based Microchip Technology and is used by Honda, Toyota, Volvo, Volkswagen and other manufacturers to securely transmit access codes that are transmitted using radio frequency identification technology.

The scientists from Ruhr's Electrical Engineering and Information Sciences Department were able to defeat the Keeloq's security because it relies on poor key management, in which every key is derived from a master key that's stored in the reading device, according to Timo Kasper, a PhD candidate who worked on the paper. Moreover, it uses a proprietary algorithm that had already been shown to generate cryptographically weak output.

The algorithm was kept secret for most of the two decades it's been in use. That changed about 18 months ago, when an an entry on Wikipedia published the cipher. The research team almost immediately spotted weaknesses.

"If they had made it public they would have found out 20 years ago that it's insecure," Kasper said in an interview. "Now it's a little bit too late, because it's already built into all the garages and cars."

Microchip officials wouldn't be interviewed for this story. They issued a statement that stated: "The most recently published German paper on theoretical attack requires detailed knowledge of the system implementation and a combination of data, specialized skills, equipment and access to various components of a system, which is seldom feasible. These theoretical attacks are not unique to the Keeloq system and could be applied to virtually any security system."

The paper describes a two-step approach to the crack. The first is what's known as a side-channel attack to deduce the master key that manufacturers build into each car lock, garage door opener or other access device that is equipped with Keeloq. One side-channel technique uses an oscilloscope to map how much power is used at precise time intervals while the Keeloq-based access device derives a new key. A similar method analyzes electromagnetic radiation.

Because most access devices are publicly available, it's not too hard for attackers to get their hands on one to perform the analysis. The hack requires about $3,000 worth of equipment and a fair amount of technical skill, but once the unique master key for a particular model is available, it works universally, Kasper said.

Read on for the second step in the attack.

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?