Silenced for two years by Volkswagen, car hackers reveal their paper into security hole

Two years ago, a trio of researchers were preparing to present the findings of their investigation into the security of car immobilisers used by luxury cars.

The way these devices are supposed to work is like this:

You sit in your car, and push the “Start” button. The engine should remain immobilised, and refuse to start, unless a cryptographic algorithm on the key’s RFID transponder correctly verifies the identity of the key being used to start the motor.

If you don’t have the right key on you, the car should refuse to start. The car thief, hopefully, walks away in frustration.
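To make the challenge-response idea in the two paragraphs above concrete, here is an added toy model of an immobiliser and its key transponder. It is example code written for this article, not the Megamos Crypto algorithm or anything from the researchers' paper: the real system uses a proprietary cipher, whereas this model stands in HMAC-SHA256, and the key identifier, the shared secret and the 8-byte challenge length are constructed values.

```python
import hmac
import hashlib
import os

# Constructed sample data: one enrolled key and the secret it shares with the car.
# (Not real Megamos values; the real transponder uses a proprietary cipher.)
KEY_ID = "key-0001"
ENROLLED_KEYS = {KEY_ID: bytes.fromhex("00112233445566778899aabbccddeeff")}


def transponder_respond(secret: bytes, challenge: bytes) -> bytes:
    """Key side: compute the response the car expects for this challenge.

    HMAC-SHA256 truncated to 8 bytes stands in for the transponder's cipher.
    """
    return hmac.new(secret, challenge, hashlib.sha256).digest()[:8]


class Immobiliser:
    """Car side: issues a fresh random challenge and checks the key's response."""

    def __init__(self, enrolled: dict):
        self.enrolled = enrolled
        self.pending = None  # challenge currently awaiting a response

    def challenge(self) -> bytes:
        self.pending = os.urandom(8)
        return self.pending

    def verify(self, key_id: str, response: bytes) -> bool:
        # Unknown key, or no outstanding challenge: stay immobilised.
        if self.pending is None or key_id not in self.enrolled:
            return False
        expected = transponder_respond(self.enrolled[key_id], self.pending)
        self.pending = None  # every challenge is single-use
        return hmac.compare_digest(expected, response)


def start_attempt(car: Immobiliser, key_id: str, key_secret: bytes) -> bool:
    """One push of the Start button with the given key: True if the engine may start."""
    c = car.challenge()
    return car.verify(key_id, transponder_respond(key_secret, c))


def replay_is_rejected(car: Immobiliser, key_id: str, key_secret: bytes) -> bool:
    """Check that a response captured from one session is useless in the next.

    Returns True when the car correctly refuses the replayed response.
    """
    first = car.challenge()
    captured = transponder_respond(key_secret, first)
    assert car.verify(key_id, captured)  # the genuine session succeeds
    car.challenge()                      # new session, new random challenge
    return not car.verify(key_id, captured)


if __name__ == "__main__":
    car = Immobiliser(ENROLLED_KEYS)
    print("right key:", start_attempt(car, KEY_ID, ENROLLED_KEYS[KEY_ID]))
    print("wrong key:", start_attempt(car, KEY_ID, bytes(16)))
    print("replay rejected:", replay_is_rejected(car, KEY_ID, ENROLLED_KEYS[KEY_ID]))
```

The model shows the two properties the article's description relies on: the engine only starts when the response matches the car's own computation over a challenge it just generated, and because each challenge is random and single-use, a response observed once cannot be presented again. The security of such a scheme then rests entirely on the cipher and the secret, which is exactly what the researchers' paper examines.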

The researchers, a lecturer in Computer Science at the University of Birmingham in the UK and two colleagues from Radboud University in the Netherlands, found a problem with the Megamos Crypto system used on some cars, and believed that the public had a right to know about the security weakness.

The research paper, planned for presentation at the USENIX Security Symposium in August 2013, would describe both the algorithm and the weakness within it.

However, their hopes of making the flaws public were dashed by the UK’s High Court of Justice, who ordered that the talk should not be presented and that key parts of their research must not be published.

The court’s concern was that the research by Flavio Garcia, Baris Ege and Roel Verdult would mean “that car crime would be facilitated”, as criminals could exploit the security weakness to steal expensive cars such as Audis, Bentleys, Porsches, and Lamborghinis.

And who had asked the court to silence the researchers? Car manufacturing giant Volkswagen and French defence group Thales.

Now, in August 2015, the researchers’ paper is finally being presented at the USENIX security conference in Washington DC, two years later than originally planned, detailing how the Megamos Crypto system – an RFID transponder that uses a Thales-developed algorithm to verify the identity of the ignition key being used to start the motor – can be subverted.

In other words, the researchers explain how they managed to wirelessly lockpick car immobilisers – a technique which could also be used by sophisticated car thieves, stealing expensive cars to order.

The research paper itself is already available for download.

As Bloomberg reports, the problem is not necessarily limited to high-end vehicles such as the Volkswagen-owned luxury brands Audi, Bentley and Porsche, but also affects Fiats, Hondas and Volvos.

In the chart below, taken from the researchers’ paper, vehicles are shown that have used Megamos Crypto, with those specifically experimented with shown in bold.

[Chart from the researchers’ paper: vehicles that have used Megamos Crypto]

In their paper, entitled “Dismantling Megamos Crypto: Wirelessly Lock-picking a Vehicle Immobiliser”, the researchers claim that they found a software program on the internet containing the Megamos Crypto algorithm, and were able to find a weakness enabling it to be compromised.

Disturbingly, the researchers claimed that the program had been available on the internet since 2009, giving plenty of opportunity for the criminally-minded to make similar discoveries.

The researchers had told Swiss firm EM Microelectronic, the manufacturer of the microprocessor included in the immobiliser used by Volkswagen, about the security hole in 2012, and then told Volkswagen directly in May 2013.

According to researcher Roel Verdult speaking to Bloomberg, the paper’s final release into the public domain comes with one sentence redacted:

“This single sentence contains an explicit description of a component of the calculations on the chip,” Verdult said, adding that by removing the sentence it was much more difficult to recreate the attack.

As such, maybe the paper in its current form is not quite a blueprint for sophisticated criminals to steal luxury cars with ease, but there remains a clear problem for the car manufacturers who have sold millions of vehicles with potentially vulnerable systems.

About the author

Graham Cluley

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.

1 Comment

  • Putting an embargo in place while the problem is fixed and a recall is performed is fine; but I’ve not read anything that suggests that VW has fixed anything!
    Hiding behind a legal department doesn’t make the problem go away; nor does it prevent criminals from discovering the same vulnerabilities – their approach is similar to that of Mary Ann Davidson of Oracle… Shoot the messenger, bury-head-in-sand, and hope the problem disappears.

    I hope anyone who’s had their high-end VW-Group models stolen, over the last few years, starts up a class-action suit and sues VW for negligence.