If you are a Volkswagen owner, you are most likely to be at risk from a remote cloning attack, according to a new survey.
After reverse-engineering the keyless entry systems of many VW models from the early 2000s to 2016, a team of researchers believe that the vast majority of the 100 million VW Group vehicles sold in this space are vulnerable to a key cloning attack that leaves the ignition and (keyless) entry system exposed to tampering.
Attack can be done by using inexpensive materials, such as commercially available battery radios, which are capable of intercepting and recording the scrolling codes used by keyless systems. Then the same device can emulate the car key.
One of the tools developed for the attack was an RF transceiver with Aduino that costs about 40 dollars.
Researchers from University of Birmingham in England, and the German security company Kasper & Oswald will present their research this week at the Usenix Security Conference to be held in Austin, Texas.
The researchers note that the Volkswagen Group used only a few overall master keys for RKE systems in vehicles sold during the last two decades.
"Με τη γνώση αυτών των κλειδιών, ένας αντίπαλος μπορεί να αφουγκράζεται ένα ενιαίο σήμα από το τηλεχειριστήριο στόχο. Στη συνέχεια, μπορεί να αποκρυπτογραφήσει αυτό το σήμα, να αποκτήσει την τρέχων UID και την τιμή του μετρητή, για να δημιουργήσει ένα κλώνο του αρχικού τηλεχειριστηρίου που κλειδώνει ή απασφαλίζει κάθε θύρα του οχήματος στόχου."
The researchers discovered the master keys in reverse engineering στο firmware των ηλεκτρονικών μονάδων ελέγχου (ECU). Η επίθεση εκμεταλλεύεται τις αδυναμίες στη μέθοδο κατανομής των κλειδιών encryptions.
The researchers briefed the VW group on vulnerabilities and agreed with the company not to disclose cryptographic keys and vulnerable ECU numbers.
