Tuesday, April 15, 2008

Is your car safe from code-cracking robbers?


Scientists issue warning against remote-control robbers so beware! Yes, it is possible for car robbers to be on your wavelength. Scientists in Belgium assert that they were able to unlock the code to millions of keyless entry devices used to open vehicles. This means that maybe one of these days, your ride will be driven away by a wise robber.

The researchers from the University of Leuven say that the remote key fobs to all Honda, Toyota and Volvo models can be easily cloned. The codes in cars produced by General Motors, Jaguar and the VW Group can be duplicated as well. If your vehicle is made by one of these manufacturers, be warned otherwise, you will lose your precious investment.

The code-cracking was first on track when an equation was posted on online encyclopaedia Wikipedia, allowing the universal master key to be obtained for vehicles using the KeeLoq coded software. Hackers emphasize that with only one hour’s remote access, from up to 100 metres away from any car’s fob they the key for that particular model can be simply clones. The robbing operation will only require them a capital of only £1,500 worth of specialist equipment! How is that for an illegal business? Wheew.

When the information are already taken, the unique code for any model by that maker can be cracked in just seconds. The cloned keys can’t just be used to unlock doors as alarm systems and immobilisers can be controlled too.So what shall you do to get prepared? The KeeLoq system of the Microchip Technology based in Arizona, US – was thought to be uncrackable, due to the fact that each key fob uses a unique security code from billions of possible combinations. This can probably help you ease the fear of code-cracking thieves.

Keeloq was cryptanalyzed by a certain Andrey Bogdanov using sliding techniques and efficient linear approximations. On the other hand, another expert named Nicolas Courtois attacked Keeloq with sliding and algebraic method. The attacks made by these two experts do not pose any threat to the actual implementations that seem to be vulnerable to simple brute-force of the key space that is reduced in all code-hopping executions of cipher known to date.

The individual code-hopping implementations are usually vulnerable to a replay attack exploited by jamming the channel while intercepting the code, since code hopping is normally done by incrementing the IV on each use instead of using the current time. This has made Keeloq “code grabbers” quite popular among the most car thieves. Although some of them use FPGA-based devices to breal Keeloq based keys by brute force within about two weeks. This is credited to the reduced key length in the real world implementations.

In March 2008, Ruhr University Bochum researchers presented a complete break of remote keyless entry systems based on the Keeloq RFID technology. Such vulnerability applies to all known car and building access control systems that rely on Keeloq cipher. The Bochum team aimed to recover the secret cryptographic keys embedded in both the receiver and the remote control.

Devastating attacks on car keys from Keeloq can be possibly cloned by eavesdropping two messages transmitted by a remote control. However, if you own a car having the Keeloq series that is at least manufactured in 2002, you have nothing to worry since it is designed with effective countermeasures that prevent those upsetting attacks of professional thieves. Now if you are anxious with your old Keeloq series, better have it replaced immediately. The worth is high but the risk of having your vehicle robbed will be trimmed down. Get secured today.

No comments:

Post a Comment