In recent years, the security analysis of automotive systems has gained significant attention, including attacks on the vehicle CAN bus (with severe safety implications) and the immobilizer. In this talk, we present our new work on the insecurity of automotive remote keyless entry (RKE) systems, i.e., the part of the car key that allows to wirelessly open/close the doors and the trunk. We demonstrate different attacks on two extremely widespread RKE systems: the scheme used by the VW group (Volkswagen, Seat, Skoda, Audi) and the Hitag2 system (employed by a number of vendors including Alfa Romeo, Peugeot, Lancia, Opel, Renault, and Ford among others). The talk concludes with a discussion of these attacks in the wider context of automotive security and an outline of potential countermeasures.

1. Wireless Attacks on Automotive
Remote Keyless Entry Systems
David Oswald1
joint work with: Flavio D. Garcia1,
Timo Kasper2 and Pierre Pavlidès1
1. University of Birmingham, UK
2. Kasper & Oswald GmbH, Germany

2. 2

3. Remote Keyless Entry (RKE)
 Active UHF transmitter
(315 / 433 / 868 MHz)
 Unidirectional
 Sometimes integrated
with immobilizer chip
(“hybrid”), sometimes
separate
Immobilizer (Immo)
 Passive RFID at 125 kHz
 Many broken systems
(DST40, Hitag2,
Megamos)
3

4. Fix codes
uid, btn
Eavesdropping and
replay from
10 … 100 m
4

5. Examples for
fix code systems
5

6. Rolling codes
uid, encK(ctr’, btn)
6
uid, encK(ctr’ + 1, btn)
uid, encK(ctr’ + 2, btn)
ctr
Decrypt ctr’
if (ctr < ctr’ < ctr + Δ)
ctr := ctr’
open / close
ctr + Δ
“validity window”

7. Rolling codes
ctr’ incremented on
each button press,
replay fails
uid, encK(ctr’, btn)
7

8. Previous attacks on RKE
• 2007: Cryptanalysis of KeeLoq garage door openers
(216 plaintext/ciphertext pairs) by Biham et al.
• 2008: Side-channel attack on KeeLoq key
diversification (Eisenbarth et al.)
• 2010: Relay attacks on passive keyless entry
systems (Francillon et al.)
• 2015: “RollJam” by Spencerwhyte / Kamkar
(had been proposed before)
8

9. Relay Attacks
9

10. Question:
State of RKE security in 2016
(or: have we learnt from KeeLoq?)

11. Cryptographic attack surface
Option 1: Attack key
management
Option 2: Attack crypto
uid, encK(ctr’, btn)
11

12. The VW Group System

13. VW Group RKE
• > 10% worldwide market share
• Immobilizer (Megamos) and RKE separate
for most vehicles
• Proprietary RKE system, mostly 434.4 MHz
• We analyzed vehicles between ~2000 and today
• Four main schemes (VW-1 … VW-4) studied
13

14. VW Group RKE: signals
Step 1: Eavesdropping & decoding
14

15. Analyzing ECUs
Step 2: Obtain ECUs for analysis (eBay) ...
15

16. Reverse engineering
Step 3: Reverse-engineering ECUs
16

17. Example: VW-3
• AUT64 is a proprietary block cipher, no
trivial attacks known
• … but key K3 is the same in all VW-3 vehicles
• VW-2: Same cipher, different (global) key
• VW-4: Newer cipher, still a global key
• VW-1: Weak crypto (LFSR)
17
AUT64K3
(uid, ctr’, btn’), btn

18. VW RKE demo
18

19. Affected vehicles
• Audi: A1, Q3, R8, S3, TT, other types of Audi cars
(e.g. remote control 4D0 837 231)
• VW: Amarok, (New) Beetle, Bora, Caddy, Crafter, e-Up,
Eos, Fox, Golf 4, Golf 5, Golf 6, Golf Plus, Jetta, Lupo,
Passat, Polo, T4, T5, Scirocco, Sharan, Tiguan, Touran, Up
• Seat: Alhambra, Altea, Arosa, Cordoba, Ibiza, Leon,
MII, Toledo
• Škoda: City Go, Roomster, Fabia 1, Fabia 2, Octavia,
Superb, Yeti
• In summary: probably most VW group vehicles between
2000 and today not using Golf 7 (MQB) platform
19

20. Intermezzo
• Secure crypto ≠ secure system
• Reverse engineering ECU firmware yields a
few worldwide keys
• Attack highly practical and scalable
• MQB allegedly protected
20

21. The Hitag2 System

22. Previous work on Hitag2
• At Usenix Security ’12, Verdult et al. presented a
secret key recovery attack against Hitag2
immobilizer requiring:
– Immobilizer transponder uid
– 136 authentication attempts from the car
– 5 minutes computation
• Note: This attack is not car-only due to the
first requirement
22

23. RKE protocol (simplified)
Diversified keys
id1 k1 ctr1
id2 k2 ctr2
id3 k3 ctr3
uid, btn, ctr, MACk, crc
ctr1
If (ctr1 < ctr’1 < ctr1 + Δ)
then ctr1 := ctr’1 ; open
MACk is 32 bits of
keystream
23

24. Our novel attack requires:
• ≈ 4 to 8 traces (key presses)
• $40 Arduino board can collect them
• Speeding up trace collection:
Device also implements reactive jamming:
uid, btn, ctr, MACk, crc
24

25. Hitag2 RKE attack demo
25

26. Hitag2 RKE vehicles
Opel | Astra H | 2008
Opel | Corsa D | 2009
Fiat | Grande Punto | 2009 26

27. Countermeasures:
What to do?

28. 28

29. Countermeasures
• For owners of affected vehicles:
– Stop using RKE (unrealistic)
– Hope for vendor upgrade (unrealistic)
– Do not leave valuables in car
– Multiple failed unlock attempts = suspicious
• For manufacturers (in general, not only RKE):
– Use secure key distribution and good crypto
– E.g. exchange keys via LF (immo) once and use AES
for RKE
29

30. Conclusions
• We informed VW Group of our findings in
back in Dec 2015 and NXP Semiconductors in
Jan 2016.
• Weaknesses in the Hitag2 cipher known for
many years but still used in new (2016)
vehicles
• This research may explain several mysterious
theft cases without signs of forced entry
• Unfortunately, poor crypto still common in
vehicles (and other long-lifetime systems)
30
and still

31. Thanks for your attention!
Questions?
d.f.oswald@bham.ac.uk