Even more bad news for Volkswagen: security researchers have found a gaping security hole that potentially affects up to 100 million cars. With hardware as cheap as a $40 setup built from an Arduino and an add-on radio transceiver board, an attacker can intercept a single signal from a Volkswagen Group key fob and, by combining it with one of a handful of cryptographic master keys shared by millions of VW Group cars, essentially clone that key fob.
The vulnerability was discovered by University of Birmingham computer scientist Flavio Garcia and his team, who you might remember from 2013, when they found a flaw in the Megamos Crypto immobilizer used in VW Group cars and were then barred by a court injunction from publishing it for two years.
As the abstract to Garcia’s paper describes it:
In our first case study, we show that the security of the keyless entry systems of most VW Group vehicles manufactured between 1995 and today relies on a few, global master keys. We show that by recovering the cryptographic algorithms and keys from electronic control units, an adversary is able to clone a VW Group remote control and gain unauthorized access to a vehicle by eavesdropping a single signal sent by the original remote.
Now, while intercepting the key fob’s signal isn’t the easiest thing in the world (you have to be within about 300 feet and have the right equipment), it’s hardly impossible, and what’s most alarming is that you only need to eavesdrop on one signal. The code changes with every button press, but the key needed to produce the next valid one isn’t unique to your car: it is shared across millions of Volkswagen Group cars.
In fact, there appear to be only four of these global master keys (the paper labels the corresponding schemes VW-1 through VW-4), and between them they cover most VW Group cars built since 1995, a fleet that includes Audi, Bentley, Skoda, SEAT, and Lamborghini, to name just a few, and comes to around 100 million vehicles.
Those shared keys can be extracted from some of the car’s electronic control units (ECUs) with admittedly some tricky reverse-engineering, but Garcia and his team aren’t specifying which units or exactly how, in the hope that their paper remains a helpful exposé and not a how-to guide for stealing Jettas. They go into a little more detail in the paper:
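To make concrete why one eavesdropped signal is enough once the key is shared, here is a toy model of a rolling-code remote. It is an added illustration written for this article, not code from the paper or from any VW Group firmware: the packet layout, the HMAC-based tag, the 16-count acceptance window and the four constructed master keys are all assumptions. What it shows is that the rolling counter does stop a plain replay, but an attacker holding the fleet-wide key reads the car’s ID and counter off a single capture and simply continues the sequence, whereas the same capture is useless when each car carries its own random key.

```python
"""
Toy model of a rolling-code remote whose only long-term secret is a
fleet-wide key. Added illustration, not VW Group's real scheme: packet
layout, HMAC tag and counter window are assumptions made for clarity.
"""
import hashlib
import hmac
import os
import struct
from typing import Optional

BUTTON_LOCK = 0x01
BUTTON_UNLOCK = 0x02
WINDOW = 16          # assumed: car accepts counters in (last, last + WINDOW]


def tag(key: bytes, uid: int, counter: int, button: int) -> bytes:
    """4-byte authentication tag over (uid, counter, button)."""
    msg = struct.pack(">IIB", uid, counter, button)
    return hmac.new(key, msg, hashlib.sha256).digest()[:4]


def parse_packet(pkt: bytes):
    """Split a 13-byte packet into uid, counter, button and tag."""
    uid, counter, button = struct.unpack(">IIB", pkt[:9])
    return uid, counter, button, pkt[9:]


class Fob:
    """A remote: increments its counter and tags each press with its key."""

    def __init__(self, key: bytes, uid: int, counter: int = 0):
        self.key, self.uid, self.counter = key, uid, counter

    def press(self, button: int) -> bytes:
        self.counter += 1
        header = struct.pack(">IIB", self.uid, self.counter, button)
        return header + tag(self.key, self.uid, self.counter, button)


class Car:
    """The receiving ECU: checks uid, counter freshness and the tag."""

    def __init__(self, key: bytes, uid: int, last_counter: int = 0):
        self.key, self.uid, self.last_counter = key, uid, last_counter
        self.unlocked = False

    def receive(self, pkt: bytes) -> bool:
        uid, counter, button, t = parse_packet(pkt)
        if uid != self.uid:
            return False
        if not (self.last_counter < counter <= self.last_counter + WINDOW):
            return False                      # replay or out-of-window counter
        if not hmac.compare_digest(t, tag(self.key, uid, counter, button)):
            return False                      # tag computed with a different key
        self.last_counter = counter
        self.unlocked = button == BUTTON_UNLOCK
        return True


def clone_from_capture(captured: bytes, master_keys) -> Optional[Fob]:
    """Attacker side: one eavesdropped packet plus the handful of master keys
    recovered from ECU firmware. Whichever key verifies the capture is the
    car's key; uid and counter are read straight off the packet."""
    uid, counter, button, t = parse_packet(captured)
    for key in master_keys:
        if hmac.compare_digest(t, tag(key, uid, counter, button)):
            return Fob(key, uid, counter)     # continues the counter sequence
    return None                               # none of the master keys fit


# Constructed sample data, not real key material.
MASTER_KEYS = [hashlib.sha256(b"VW-%d" % i).digest()[:16] for i in range(1, 5)]
UID = 0x12345678


def attack_shared_key() -> dict:
    """Car and fob share MASTER_KEYS[2], as millions of other cars would."""
    car = Car(MASTER_KEYS[2], UID, last_counter=41)
    owner = Fob(MASTER_KEYS[2], UID, counter=41)
    captured = owner.press(BUTTON_LOCK)      # the single eavesdropped signal
    legit = car.receive(captured)
    replayed = car.receive(captured)         # rolling counter rejects replay
    clone = clone_from_capture(captured, MASTER_KEYS)
    cloned = clone is not None and car.receive(clone.press(BUTTON_UNLOCK))
    return {"legit": legit, "replay": replayed, "clone": cloned,
            "unlocked": car.unlocked}


def attack_per_vehicle_key() -> dict:
    """Same capture when each car gets its own random key at production."""
    car_key = os.urandom(16)
    car = Car(car_key, UID, last_counter=41)
    owner = Fob(car_key, UID, counter=41)
    captured = owner.press(BUTTON_LOCK)
    legit = car.receive(captured)
    clone = clone_from_capture(captured, MASTER_KEYS)
    return {"legit": legit, "clone": clone is not None, "unlocked": car.unlocked}


if __name__ == "__main__":
    print("shared master key:", attack_shared_key())
    print("per-vehicle key  :", attack_per_vehicle_key())
```

Run it and the first case reports the replay rejected but the clone accepted and the car unlocked; the second case reports no clone, because the tag on the capture verifies under none of the master keys. The practical lesson is the one the paper draws: a rolling counter only protects against replay, and the key it is mixed with has to be unique per vehicle to protect against anyone who has pulled the fleet-wide secret out of an ECU.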
Using widely available, standard programming tools for automotive processors, we were able to obtain firmware dumps for all studied ECUs. We then located and recovered the cryptographic algorithms by performing static analysis of the firmware image, searching amongst others for constants used in common symmetric ciphers and common patterns of such ciphers (e.g., table lookups, sequences of bitwise operations). The results of this process are described in more detail for each scheme VW-1–VW-4 in the following. Note that as part of our negotiations with VW Group, and to protect VW Group customers, we agreed to not fully disclose the part numbers of the analyzed ECUs and the employed µCs at this point. We furthermore agreed to omit certain details of the reverse-engineering process, as well as the values of cryptographic keys.
The paper also describes a second attack that affects makes other than Volkswagen: it targets weaknesses in the widely used but aging Hitag2 rolling-code scheme found in many key fobs:
Secondly, we describe the Hitag2 rolling code scheme (used in vehicles made by Alfa Romeo, Chevrolet, Peugeot, Lancia, Opel, Renault, and Ford among others) in full detail. We present a novel correlation-based attack on Hitag2, which allows recovery of the cryptographic key and thus cloning of the remote control with four to eight rolling codes and a few minutes of computation on a laptop. Our findings affect millions of vehicles worldwide and could explain unsolved insurance cases of theft from allegedly locked vehicles.
This second attack doesn’t require extracting keys from the car. Hitag2 is a rolling-code scheme, so every button press transmits a fresh code derived from the fob’s secret key, and the eavesdropping equipment has to capture enough of those presses, four to eight of them, before the correlation attack can recover that key. Once the codes are recorded, a few minutes of computation on a laptop yields a working clone of the remote.
Both attacks only open the car; they have nothing to do with the ignition system. Though, as we saw recently with the wire-to-the-OBD-port thefts of 30 Jeeps, once you’re physically inside a car, a lot can happen.
We reached out to Volkswagen for comment, but as of press time, have not received a response. We’ll update as we learn more.