Computer farm cracks car key code
A group of international scientists presented a method for defeating the electronic anti-theft mechanisms and alarms used in many cars at the CRYPTO 2007 cryptology conference which ended yesterday. Chrysler, Daewoo, Fiat, General Motors, Honda, Toyota, Volvo, Volkswagen and Jaguar reputedly protect their vehicles with vendor Microchip's KeeLoq technology, which uses an electronic remote control to activate and de-activate anti-theft mechanisms. The remote contains a PIC microcontroller which implements a proprietary, non-linear encryption algorithm for scrambling instructions with a unique code and transmitting them to the vehicle, for example via a radio frequency link. The key is a 32-bit initialising vector in conjunction with a 32-bit hopping code. In addition, a unique device ID is applied.
By combining various cryptanalysis techniques, the scientists managed to compute KeeLoq keys using 50 dual-core systems within two days. According to reports, however, a prospective victim's remote has to be within signal range for data exchange for at least an hour in preparation. It is sufficient however for it to be in the victim's pocket.
- How To Steal Cars — A Practical Attack on KeeLoq, scientists' press release