Encryption Security Science

Breaking a Car's Cipher

An anonymous reader alerts us to research out of Belgium and Israel that claims a practical attack on the KeeLoq auto anti-theft cipher. Here are slides from a talk (PDF) at CRYPTO 2007. From the researchers' site: "KeeLoq is a cipher used in several car anti-theft mechanisms distributed by Microchip Technology Inc. It may protect your car if you own a Chrysler, Daewoo, Fiat, General Motors, Honda, Toyota, Volvo, Volkswagen, or a Jaguar. The cipher is included in the remote control device that opens and locks your car and that controls the anti-theft mechanisms. The 64-bit key block cipher was widely believed to be secure. In a recent research, a method to identify the key in less than a day was found. The attack requires access for about 1 hour to the remote control (for example, while it is stored in your pocket). The attacker then runs the implemented software, finds the secret cryptographic key, and drives away in your car after copying the key."

Update: 07/23 15:27 GMT by KD : One of the researchers, Sebastiaan Indesteege, pointed out that the link to the paper was incorrect; their paper has not yet been released to the public. I also managed to misattribute his nationality. He is Belgian, not Dutch. My apologies.

  • Wrong paper (Score:3, Informative)

    by mkilmo ( 1146159 ) on Thursday August 23, 2007 @10:14AM (#20329919)
    The linked paper is by Bogdanov (requires the entire code book). The authors of this paper have not published their paper in the wild (yet).
  • by Anonymous Coward on Thursday August 23, 2007 @10:28AM (#20330109)
    OK, what part of "Katholieke Universiteit Leuven, Belgium" looks like "researchers in The Netherlands"??

    In other news: The Canadian president George W. Bush invaded Iran because of the 9/11 attack on the World Trade Center of Chicago.
  • Re:So? (Score:3, Informative)

    by morgan_greywolf ( 835522 ) on Thursday August 23, 2007 @10:42AM (#20330343) Homepage Journal
    On most newer cars, there's also an anti-theft chip in the key itself. The information stored on this chip is directly linked to the VIN number of the car. So the person would ALSO have to copy your key, as it says in TFS. These keys are around $80, and you used to have to get them from the dealer, but apparently nowadays you can get them from Wal*Mart.
  • Re:So? (Score:4, Informative)

    by Znork ( 31774 ) on Thursday August 23, 2007 @11:25AM (#20330943)
    "Or did I miss something ?"

    Yep. Passive RFID chips require so little energy that the reader can power them with the current the antenna produces when hit by the EM waves from the reader. Usually this means that you have to hold the chip (card, key, etc) very close to the receiver (against it, the key in the lock, etc).

    However, that proximity is only necessary if you use the standard reader. There's nothing stopping someone from getting a standard reader and jacking up the power enough to activate and read the chips from a much greater distance.

    Unless you get a tin-foil wallet. And tin-foil pockets. Etc.
  • Re:Not really (Score:3, Informative)

    by Bert64 ( 520050 ) <bert AT slashdot DOT firenzee DOT com> on Thursday August 23, 2007 @11:46AM (#20331179) Homepage
    I do similar, but I buy an older car (one that has already lost all of its value) that is still legally roadworthy...
    Then I do the absolute minimal servicing on it, and insure it third party only (the minimum legal level of insurance) and drive it around until it either stops working, or becomes unroadworthy... Then it gets scrapped.
    Of course, I am also a member of a breakdown organization!
    A side effect of driving a junk car is that no one will want to steal it. One of the cars I had didn't even lock, and yet it still didn't get stolen because it was dirty, dented and rusty.
  • Re:Summary (Score:1, Informative)

    by Anonymous Coward on Thursday August 23, 2007 @12:08PM (#20331501)
    It gets better: According to the paper, one hour's access is an upper bound - they found on average that 256 exchanges were needed for most keys to be able to guess them correctly. One attempt per second, that's five minutes.
  • Re:Bottom line (Score:3, Informative)

    by cayenne8 ( 626475 ) on Thursday August 23, 2007 @12:17PM (#20331633) Homepage Journal
    "I am not very sympathetic at this point, because I bought an affordable car that isn't popular among car thieves. It looks fine, runs great, has low maintenance costs, and never gets broken into.

    If you are buying a fancy car to show off your wealth or whatever, when perfectly good alternatives exist, you deserve to be robbed.

    If you can't afford to have your expensive car stolen, then can you really afford that expensive car?"

    Not everyone buys an expensive car to show off....many people just like performance.

    That being said, often it is NOT the ultra luxury, expensive cars that are the most often stolen ones, at least in the US. The past few years the list of most stolen cars are the common, non-expensive models, usually slightly older Hondas or Toyota Camrys or the like.

    Those are easy to steal, and chop up for parts.....a stolen Porsche GT3 is gonna stand out like a sore thumb when it gets reported stolen, but, a Camry will blend in to traffic like all the other ones out there.

    While I'd hate to get my car stolen...much like anything I own, that IS what insurance is for.

    I love my 'toys', but, really, there just isn't much in life that can't be replaced...cars, tvs, women, furniture...etc.

  • by Technician ( 215283 ) on Thursday August 23, 2007 @12:43PM (#20332027)
    It's simply not worth it to have to deal with electronics that break, batteries that die, etc.

    That has turned out to be FUD now that they are getting lots of miles now. The battery pack is easier to change than a typical transmission and now costs less. In addition it has been proven more reliable. (Google search Prius Battery Failures). The little 12 volt battery is a much higher failure rate item needing a 3-5 year replacement cycle just like their conventional counterparts.

    In the trade-off of mechanical parts for electronic, most mechanical high failure items on the Prius have been eliminated.

    Here is a short list..
    No belts, not even for a water pump or AC.
    No Hydraulics hoses or lines except the brakes.
    No leaky AC rubber hoses or shaft seals.
    No clutches, pressure plates, bands, or hydraulics of any kind in the transmission

    Here is how the improvements work.
    The AC is a sealed electric unit like a home refrigerator. The compressor is body mounted eliminating Leaky shaft seals, belts, clutch, and hoses.

    The transmission has 7 moving parts. None of them is any kind of friction, shift, or hydraulic part. It's built like and as reliable as a differential. The battery pack is composed of 7.2 volt modules. A module failure does not equal a battery pack replacement.

    The Power steering is a linear electric motor for assist. This eliminates the power steering pump, hoses, and power steering fluid issues.

    The power brakes use a compressor so it is a trade off for the vacuum module for a compressor.

    The cooling system is powered by electric pumps. It traded belt driven problems for electric pump problems. I haven't seen reliability reports on these pumps yet which is a good thing.

    Even the starter motor with its brushes, solenoid, Bendix gear and other failure items has been eliminated. The brushless AC Motor/Generator set in the transmission starts the engine.

    I studied all these issues before I bought a Prius. TCO is an important number to me.

    For me personally, Here are some of my stats.

    I have 120,000 on my Prius. At 20,000 and 80,000 miles I changed tires (the originals don't wear well). At 70,000 miles I had to change the 12 volt battery in late 2005 so it lasted almost 4 years.
    At the last tire change, I had the brakes checked. I have 80% remaining. Other than give it gas and regular oil changes, it has required zero repairs except a rock chip in the windshield.

    Most other cars I drove with over 100,000 miles were getting into needing starters, alternators, brakes, belts, power steering, Air Conditioner, and transmission service.
  • Re:So? CNC... (Score:3, Informative)

    by fredklein ( 532096 ) on Thursday August 23, 2007 @01:28PM (#20332611)
    I've raked a lock open before.

    Lock picking is NOT that complicated. Basically, just apply a rotation to the cylinder, while pushing each pin up until you find the one that binds. (Locks are not perfect, one pin will usually bind before the others.) Push that pin up until the shearline is at the right point, and the cylinder will rotate slightly, keeping that pin in place. Repeat to find the next pin that binds.

    Now, there are some types of locks that make it harder to do this. (Through various means I won't get into here.) But ANY lock can be 'picked', even if just by bruteforcing it.
