Researchers reveal electronic car lock hack after 2-year injunction by Volkswagen
In 2012, researchers at Radboud University in the Netherlands discovered a security flaw in a common automotive security chip used in theft prevention by Volkswagen, Audi, Fiat, Honda, and Volvo vehicles. But after they disclosed their results to the auto manufacturers—a full nine months before they planned to publish them—the automakers sued to keep them quiet.
Today, that suppressed paper is finally being presented at the USENIX security conference in Washington, DC. Entitled “Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer,” the paper details how researchers Roel Verdult, Flavio Garcia, and Baris Ege uncovered weaknesses in the cryptography and authentication protocol used in the Megamos RFID transponder used in car immobilizers used in many luxury vehicles. The list of impacted cars includes vehicles from Volkswagen’s Porsche, Audi, Bentley and Lamborghinis brands.
An immobilizer is an electronic device that is connected to a vehicle’s starter system. It detects the presence (or absence) of a radio frequency identification chip in a key fob or key in proximity to the ignition switch, preventing the engine from starting if it’s not present (therefore deterring car theft by hotwiring or use of an unauthorized duplicate key). There are a number of ways to bypass these systems, including use of a radio amplifier to fool the transponder into believing the RFID chip is closer than it actually is. But the Radboud researchers were able to go further, actually breaking the crypto system used by the Megamos transponder.
View this article: