Law enforcement

Car immobilizers no longer a problem for car thieves

Published 8 December 2010

For sixteen years, car immobilizers have kept car thieves at bay — but that may now be changing; most cars still use either a 40- or 48-bit key, even though the 128-bit AES — which would take too long to crack for car thieves to bother trying — is now considered by security professionals to be a minimum standard

After a 16-year decline, car theft in Germany rose in 2009, according to figures released recently by the German Insurance Association. One “white hat” hacker, who probes security systems to flag up flaws that can then be patched, thinks he knows why. Karsten Nohl of Security Research Labs in Berlin, Germany, has identified vulnerabilities in the engine immobilizers used to protect modern cars from theft.

A device fitted within the key fob of a modern car broadcasts an encrypted radio signal to the car as the driver starts the vehicle. If the signal is recognized by the car’s receiver, it responds by sending an encrypted signal to the engine control unit (ECU), which allows the car to start. If the driver tries using the incorrect car key fob, the ECU locks down the engine.

New Scientist quotes Nohl as saying that for over a decade, immobilizers have played a crucial role in reducing car theft. The proprietary encryption keys used to transmit data between the key fob, receiver, and engine are so poorly implemented on some cars (see New Scientist’s “Castles built on sand”), however, that they are readily cracked, Nohl told the Embedded Security in Cars conference, in Bremen, Germany, last month.

Last year he took just six hours to uncover the algorithm used to create the encryption key in a widely used immobilizer — the Hitag 2 made by Dutch firm NXP Semiconductors — making it easy to “de-immobilize” any car using that algorithm. In 2005 Ari Juels of RSA Labs in Cambridge, Massachusetts, and researchers at Johns Hopkins University in Baltimore, Maryland, took under an hour to crack an encryption system sold by U.S. technology firm Texas Instruments.

Juels says that these cracks were possible because the proprietary algorithms that the firms use to encode the cryptographic keys shared between the immobilizer and receiver, and receiver and engine, do not match the security offered by openly published versions such as the Advanced Encryption Standard (AES) adopted by the U.S. government to encrypt classified information. Furthermore, in both cases the encryption key was way too short, says Nohl. Most cars still use either a 40- or 48-bit key, but the 128-bit AES — which would take too long to crack for car thieves to bother trying — is now considered by security professionals to be a minimum standard. It is used by only a handful of car-makers.

“To our knowledge the direct causal link between the failure to adopt AES systems and the rise in car theft cannot be drawn,” says Thomas Rudolph of NXP. A Texas Instruments spokesperson argues that in some cases the firm’s proprietary cryptographic systems have been shown to be stronger than AES.

Nevertheless, both NXP and Texas Instruments say they have been phasing out their shorter encryption key systems, and both now offer 128-bit AES.

Convincing car-makers to adopt the new systems remains a challenge, says Juels. He thinks they still believe hacking is a minor problem compared with more direct ways of stealing cars. “The reaction we got was that it would be cheaper to use a flatbed truck.”