craig1410
|
| posted on 28/8/07 at 09:13 AM |
|
|
Keeloq security system cracked.
Hi,
Anyone seen the stuff in the news (possibly old news) about the commonly used Keeloq security system being cracked?
http://blog.wired.com/27bstroke6/2007/08/researchers-cra.html
If so, does anyone have a definitive list of vehicles potentially affected by this - I'm keen to know if my car is affected or not.
Also, does anyone know if there is anything which can be done to safeguard against the attack? Presumably if you never use your remote key fob then
nobody can "sniff" your codes - yes?
Cheers,
Craig.
|
|
|
|
|
BenB
|
| posted on 28/8/07 at 09:39 AM |
|
|
It can be cracked without you pressing any of the buttons.....
but it would require "their" equipment to be within range of your keys for just over an hour with a very fast computer.....
Worrying though....
|
|
|
craig1410
|
| posted on 28/8/07 at 09:55 AM |
|
|
Yes I know they can hack my specific keys if they have close contact with them but I also believe they can do this 1 hour process with ANY set of keys
for a given manufacturer (or perhaps model?) and then they can hack any other specific car in a couple of seconds by sniffing the remote central
locking signal.
I'm guessing that the "1-hour" codes will soon propagate via the internet for all car types which will then leave individual cars
vulnerable to local sniffing. I'm thinking the best bet is to physically safeguard my keys (as I always do) and stop using the remote locking to
prevent sniffing.
However, I still don't know if my car uses Keyloq or not. It's a 2005 ('54) SEAT Cupra R 225.
Cheers,
Craig.
|
|
|
iank
|
| posted on 28/8/07 at 10:17 AM |
|
|
VAG aren't mentioned by the inquirer in their report.
They have Honda, Ford, General Motors, Mercedes Benz and Jaguar.
http://www.theinquirer.net/?article=41929
A classic example of security by obscurity being a broken way to do business.
--
Never argue with an idiot. They drag you down to their level, then beat you with experience.
Anonymous
|
|
|
smart51
|
| posted on 28/8/07 at 10:25 AM |
|
|
The security algorythms I've worked with have an increasing time delay between sussesive failed challenges to prevent brute force cracking
techniques. I guess not everyone does this.
Your remote central locking key only transmitts when you press the button, so this cannot be "sniffed" just by being near you.
Immobiliser keys have a very small range (a few 10s of mm) so you'd have to be stood against the machine for them to read your key. Again, not
all cars are the same.
|
|
|
Peteff
|
| posted on 28/8/07 at 10:36 AM |
|
|
So stick a big yellow kludge on your steering wheel to make it awkward for them. No problem.
yours, Pete
I went into the RSPCA office the other day. It was so small you could hardly swing a cat in there.
|
|
|
MikeR
|
| posted on 28/8/07 at 10:54 AM |
|
|
If you read the wikipedia link VW are mentioned as using the system.
Reality check - your car will be safe for quite some time. I'm guessing the average car thief isn't some uber criminal so won't have
the right kit.
I also believe there are some flaws in the statement. The battery power in a keyfob is minimal - it would be very hard in practice to scan a fob from
any distance. Think of all the other electronic devices giving out distorting electromagnetic radiation.
|
|
|
craig1410
|
| posted on 28/8/07 at 12:16 PM |
|
|
quote:
Originally posted by MikeR
If you read the wikipedia link VW are mentioned as using the system.
Reality check - your car will be safe for quite some time. I'm guessing the average car thief isn't some uber criminal so won't have
the right kit.
I also believe there are some flaws in the statement. The battery power in a keyfob is minimal - it would be very hard in practice to scan a fob from
any distance. Think of all the other electronic devices giving out distorting electromagnetic radiation.
Mike,
I'm not so confident as the world is pretty small these days and word gets around very fast. Sniffers have been available for a long time in one
form or another but this is the first time I have been aware of a "crack" affecting potentially such a wide range of vehicles.
I'd like to know what the risks really are and what the manufacturers are planning to do about it. My car is still under warranty - I wonder if
this could be considered a "fault" which should/can be resolved or if my only recourse will be to fit an aftermarket immobiliser which
uses a more secure system. I still don't know if my car uses Keyloq or not!
Cheers,
Craig.
|
|
|
Angel Acevedo
|
| posted on 28/8/07 at 02:17 PM |
|
|
Somewhere in the internet I found the schematics for an inmobilizer, activated via a hidden magnetic switch. then it is active while the key is on.
Once you remove the key, it activates again. As there is no visible switch, it is very unlikely that the thieve will sort it out.
Beware of what you wish.. for it may come true....
|
|
|
craig1410
|
| posted on 28/8/07 at 10:06 PM |
|
|
quote:
Originally posted by Angel Acevedo
Somewhere in the internet I found the schematics for an inmobilizer, activated via a hidden magnetic switch. then it is active while the key is on.
Once you remove the key, it activates again. As there is no visible switch, it is very unlikely that the thieve will sort it out.
Another variant of the "hidden switch" technique eh? 
I guess if you take a factory vehicle and reroute some wires or alter it in some way then it's bound to make the theives life more difficult but
then of course your insurance company says, "Is your vehicle modified?" I'm not sure I want to have to tell them that I have messed
about with the alarm system. They might not be overly impressed even if in reality it does make the car harder to steal.
I hope that this whole Keeloq issue gets sorted fast and I hope that it can be sorted out with a quick firmware update or something which can be
carried out as part of the annual service. I can certainly do without the hassle of waking up to find my car missing in the morning...
Cheers,
Craig.
|
|
|
