If you buy an upscale new car today or in the near future, say a BMW, Mercedes, or Cadillac, there’s a good chance that you won’t have a key. Instead, you’ll have a little fob, sort of like the keyless entry control you are likely used to. To start the car, you’ll just push a button: the car will have confirmed that you have the right fob and will allow you to start the engine (or not). No key to pull out of your pocket or fuss with. This all sounds very high-tech and convenient.

Unfortunately, the methods used by the car and the key fob to validate each other are pretty porous and easily crackable, even more easily than the keyless entry system. And unlike the keyless entry system, they let you start the car and drive away as if you own it.

The article I link to above lays things out pretty clearly, but here’s the gist of it. Remote keyless entry fobs are “active”: they have a battery and broadcast a signal only when you press the button on the fob. The new keyless ignition systems work the opposite way: the fobs are passive, and the car continuously sends out a signal looking for the authorization response. Someone with some basic computer equipment can pick up that signal, identify its nature, and try a simple brute force attack until the car responds.

The encryption key used by the cars is a relatively weak 40 bits long; for comparison, your web browser supports a 128-bit key. A 40-bit key can be broken by a laptop in a matter of hours, possibly much faster if the thief has some clues such as those given by the car sending out its query signal. Since getting a response means the thief can actually start the car and drive away without a hitch, and since most cars with this system today are in the $60,000+ range, hacking the code is worth the effort. David Beckham of soccer fame has had his BMW sport utility vehicle stolen this way not once, but twice.

Apparently, the manufacturers of the cars using these systems don’t think their vulnerability to hacking is worth worrying about. For myself, I’ll probably think twice if I happen to one day be looking at cars with this keyless ignition feature…