Flaw in Remote Keyless System left Cars Vulnerable to Theft

The latest wave of vehicle hacking research, spurred by the DefCon and BlackHat security conferences, has ignited a battle between car manufacturers and hackers.

Back in 2012, three European researchers studied the Megamos Crypto transponder, which is used widely by hundreds of vehicle manufacturers around the world, including Audi, Ferrari, Honda, Porsche, Volkswagen and many others.


The study revealed that attackers could exploit vulnerabilities in the Megamos Crypto to start the vehicle without the key, and that the attack could be carried out within 60 minutes.

This means the device designed to prevent the vehicle from being stolen can be disabled, resulting in keyless theft.

This is, of course, a major security flaw affecting hundreds of vehicles, but the academic paper in which the researchers exposed these vulnerabilities was suppressed by the major car manufacturers for over two years: the researchers lost a High Court case against Volkswagen, which resulted in a ban on publication of the paper.

But after almost three years of negotiations between the researchers and the vehicle manufacturers, Volkswagen agreed to lift the ban on publication after accepting a proposal that required the removal of one sentence from the paper.

The researchers had originally intended to present their findings at the USENIX Security Symposium ’13. Instead, the paper was presented at the USENIX Security Symposium ’15, held in Washington, D.C. last week.

The team, Flavio D. Garcia, Roel Verdult and Bariş Ege of a U.K.-based university, said that there were a number of security vulnerabilities in the Megamos Crypto, which is manufactured by a Swiss-based firm.

Operation of the device is very simple: it prevents the engine from starting unless the transponder (an RFID chip) embedded in the car key is present.

But according to the researchers, it is still possible to bypass that verification by eavesdropping on the signals exchanged between the key's transponder and the car's immobiliser, allowing a carjacker to mount a close-range wireless attack and start the car.

This is why the major vehicle manufacturers halted publication of the paper: it could allow carjackers with the appropriate tools to exploit the vulnerability and steal vehicles. The researchers, on the other hand, were keen to publish because their key aim was to improve vehicle security and get the vulnerability fixed by exposing it publicly.

The researchers wrote in the paper: “Our attacks require close range wireless communication with both the immobiliser unit and the transponder. It is not hard to imagine real-life situations like valet parking or car rental where an adversary has access to both for a period of time. It is also possible to foresee a setup with two perpetrators, one interacting with the car and one wirelessly pickpocketing the car key from the victim’s pocket.”

The researchers reverse-engineered the security mechanisms inside the Megamos Crypto transponder, including the authentication protocol and the cipher used to protect the security code.

Using a similar method, the team tested the security systems of about ten vehicles, including the Audi A4, Audi TT, Citroen Jumper, Fiat Punto, Fiat Ducato, Honda Jazz, Skoda Fabia, Volkswagen Golf, Volkswagen Scirocco, Volkswagen Passat and Volvo S40. They were able to recover the 96-bit RFID secret key.

Nicko Van Someren of Good Technology said:

This is a great example of what happens when you take an interface that was designed for local access and connect it to the wider Internet. Increasingly, in the rush to connect ‘Things’ for the Internet of Things, we find devices that were designed with the expectation of physical access control being connected to the Internet, the Cloud and beyond. If the security of that connection fails then the knock-on effects can be dire and potentially even fatal.
