Car RFID Security System Cracked 383
jmichaelg writes "The NY Times reports that the security chip in new auto keys has been cracked. A team at Johns Hopkins have found a method to extract the 30 bit crypto key that tells your car that the physical key in the ignition switch is the correct key. Texas Instruments has sold some 150 million security chips that are stored in the car key. The devices are credited with reducing car thefts of some car models by 90%. Stealing a crypto key requires standing next to the victim and broadcasting a series of challenges to the key and capturing the responses. The team claims an iPod-sized device would suffice to steal the crypto key in under a second. They advise wrapping your keys in foil when you're not using them. TI admits the team has cracked their code but denies there's any problem."
And? (Score:2, Insightful)
Should they hotwire a car they need to steal an RFID code for, or the one (Like mine, sadly) that you just have to hardwire... or jam a screwdriver in the ignition and twist...
30 Bit Key? That's like soooo 1990 (Score:4, Insightful)
Proof of concept today, Theft tool tomorrow? (Score:1, Insightful)
Do we need to give crooks ideas?
Quite so. (Score:5, Insightful)
Lot's of things are possible. Will any statistically significant number of people try this? And how many will be successful? Not many. It's still safer than a regular key system, people should lose sleep over more realistic problems.
The More Appropriate Question... (Score:5, Insightful)
Re:30 Bit Key? That's like soooo 1990 (Score:2, Insightful)
Regards,
Steve
Re:Proof of concept today, Theft tool tomorrow? (Score:1, Insightful)
Re:Proof of concept today, Theft tool tomorrow? (Score:3, Insightful)
While in the short term White Hat hacking may be detrimental to security, in the long run it is a driving force behind innovation.
Re:Proof of concept today, Theft tool tomorrow? (Score:2, Insightful)
Are you asking for *unbeatable* security? Because as far as I know, there is no such thing unless it uses quantum cryptography.
According to the article, not only does a person need to have specialized equipment, specialized knowledge, but they also need over an hour of computing time, in addition to having to hotwire the car and knowing how to input the code.
"The company that produces these chips are the real thieves" my ass.
Re:Proof of concept today, Theft tool tomorrow? (Score:2, Insightful)
The original poster heavily intimated that the company should deliver unbeatable security... an idea that is at best naive, and at worst demonstrates complete unfamiliarity with the whole concept of security and encryption.
In some places, this very well might be a problem (Score:5, Insightful)
Consider South Africa - an entire arms race grew up around car theft. First the thieves just took cars when they were parked, so the insurance companies insisted that everyone have alarms and immobilisers.
The thieves got around those pretty quick - rumour is that a lot of professional's signed up for work at installation centres, learnt their way around them, and went back to work.
Next step was the gearlock - a device that locks the gearstick into a specific gear. IIRC, you couldn't remove the key on the earlier units unless you had the gearlock in, and if your car was stolen, the insurance company insisted on seeing all 3 keys.
Now with cars being so hard to steal, the age of the hi-jack was ushered in. If they can't get your car while it's parked, they'll take it while it's roll rolling.
In response, anti hi-jack systems became the norm. I can't remember how it was activated, but basically the bad guys show up, you let them take the car, they roll 20 metres down the road and the car cuts out and an alarm starts going off.
Around the same time we also go Satellite tracking, although I seem to remember something about it actually using the cellular infrastructure (GSM) not satellite - I may be wrong on this. Initially, the recovery rate on stolen and hi-jacked cars went through the roof. Unfortunately, the bad guys just upped the stakes. Soon we started seeing more kidnappings and murders as part of hi-jacks because if you can't call the stolen car in, they have longer to chop it.
Many vehicles were stolen to order, and not just new cars. Older cars that were common on the road were often targetted, then broken for spares. Cars that you wouldn't normally think twice about were stolen for export to Botswana and Zimbabwe, because the availability of spares for these made them popular vehicles.
Of my close circle of family and friends, we have had at least 10 cars stolen. Of those, not a single one has been recovered, so it's not a huge risk occupation really
I'm willing to bet that if this flaw is used anywhere, it will be used in South Africa - it's just one more tool for the biggest growth industry around
Haven't we learned anything? (Score:2, Insightful)
Nevermind the cars (Score:3, Insightful)
However, it is much more of a problem in other RFID applications, where the RFID chip is the only key, e.g., highway toll tags (Ezpass), credit card replacements (Exxon/Mobil Speedpass). Sure they say they have backup security in place, such as Speedpass' 'only two fill-ups per day'. But this can still allow for a lot of fraud.
Worse yet, as was the case with identity theft, the the first victims will find it VERY HARD to clear their records and accounts; they will be presumed to be lying until it is common knowledge that the RFID is not secure.
Re:The More Appropriate Question... (Score:1, Insightful)
Forgotten Login
Re:Umm.. (Score:3, Insightful)
The 10 mm round has been downloaded a lot lately so it's more like a beefed up .40 S&W, but full power 10 mm loads are available [doubletapammo.com]. A full power 10 mm load has a lot more velocity than a full power .45 ACP, and close to the same mass. The maximum kinetic energy for a .45+P is about 616 ft lbs, with most +P loads in the 500-550 range. For the 10 mm, there is a 767 ft lb round and many in the 750 range. A full power (not +P) 10 mm load is generally in excess of 700 ft lbs. Of course, the +P loads for the .45 should only be used in modern guns that can handle the chamber pressures. Also, my 10 mm can carry 15 rounds in the magazine and one in the chamber. The .45 ACP round is so fat that a true double stack magazine is not possible for most people's hand, so even the higher capacity .45 handguns have fewer rounds per magazine than those chambered for 10 mm.
The .45 ACP is a good round. In fact, I'd call it outstanding considering it was created in 1911. But modern metalurgy and autoloader design have resulted in technologically better high power rounds, although the disciples of Browning will argue that point with religious conviction.
:^)
I've been told that the state police in my state chose the 10 mm because they wanted a round that could reliably shoot through a car door and be effective on the other side. It's probably more likely that the purchasing decision was simply made by a guy. You know... bigger is always better.