Modern transponder-equipped car keys are supposed to be ultrasafe: The chip-keys and key fobs communicate with readers inside the car, allowing the car to start only once a secret digital password has been transmitted. But a team of security researchers says they’ve figured out a way to circumvent the system used by some of the world’s largest automakers—and that Volkswagen Group used a lawsuit to keep their findings from going public for more than two years.
London’s Daily Mail reports that three researchers have found a security loophole in the Megamos Crypto transponder, the in-car electronic device that confirms the key or keyless transponder present inside the car is genuine before allowing the car to start. Megamos Crypto transponders are found in numerous models from Audi, Honda, Volkswagen, Volvo, and many other carmakers.
As the Daily Mail explains, the system is supposed to be uncrackable: the 96-bit code exchanged between the key and vehicle means there are “countless billions of possible combinations,” making a random guess virtually impossible. But the hackers discovered that by listening in on the radio communication between the key and the car just twice, they could narrow the number of guesses needed to crack the code to just 196,607 attempts. For a computerized “brute force” system, which the hackers were able to build, such a feat could take less than 30 minutes—and once the proper code is found, making a duplicate key that works just like the original is easy.
August 20, 2015 at 8:58 am by Robert Sorokanich