Did VW take EU money to develop clean engines and use it to make defeat devices?
Photograph by Rob Stothard — Getty Images
By David Meyer
August 11, 2016

Security researchers from the U.K. and Germany have revealed how easy it is to clone the wireless keys for millions of cars made by the Volkswagen Group (vlkpy) over the past two decades.

In a paper that will be presented Friday at the Usenix Security Symposium in Austin, Texas, the researchers also described a second attack that would allow hackers to clone the remote controls for some cars from Peugeot (pugoy) , Lancia, Opel, Renault, Alfa Romeo, Ford (f), Chevrolet, Dacia, Fiat (fcau), Nissan (nsany), and Mitsubishi (mmtof).

They recommended owners of affected cars should not only check that the lights blink and the car beeps when they press the lock button on their remotes—they should stop using the remotes altogether and “resort to the mechanical lock of the vehicle.” This way, other people can’t eavesdrop on a remote’s wireless signal, clone the remote, and break into the car.

Get Data Sheet, Fortune’s technology newsletter.

“Our findings affect millions of vehicles worldwide and could explain unsolved insurance cases of theft from allegedly locked vehicles,” wrote researchers Flavio Garcia, David Oswald, and Pierre Pavlidès from the University of Birmingham, and Timo Kasper from the security firm Kasper & Oswald.

These attacks, first reported by Wired, do not overcome cars’ immobilizers. However, they could be used in combination with other well-documented attacks that do, resulting in thefts of cars, not just from them.

With the VW Group’s cars—Volkswagens, Seats, Skodas, ,and Audis—the problem is that they use cryptographic security schemes based on a few master keys, rather than using a different cryptographic key for each remote. The researchers found this out by reverse-engineering, the firmware used in some of the group’s remote keyless entry devices.

The researchers noted that the group sold almost 100 million cars between 2002 and 2015, and said the “vast majority” were vulnerable. They pointed out that they had not closely analyzed the remotes for the VW Group’s luxury brands, including Porsche, Bentley, Lamborghini, and Bugatti.

The researchers said in their paper that the VW Group told them that its latest generation of vehicles uses individual cryptographic keys. However, the researchers also noted that a 2016 Audi Q3 had the vulnerability.

It is unlikely that the VW Group can update or give replacements for all the remotes affected in the short term, the researchers noted, which is why they recommended car owners go back to using physical keys to lock and unlock their cars, and avoid leaving valuables in them.

A Volkswagen spokesman told Fortune that current Golf, Tiguan, Touran and Passat models were “not affected by the problem described.”

“The bar for theft prevention is constantly being raised, but ultimately there is no 100% guarantee for security,” he said, adding that the researchers’ findings would “serve to further improve the security technology.”

As for the second attack, affecting all those non-VW car brands, the researchers were able to reverse-engineer the security protocol that their remotes all use, which is based on an algorithm called Hitag2. They managed to “recover” the cryptographic keys for the remotes in around ten minutes, using a standard laptop.

For more on security, watch:

The remotes using the Hitag2 cipher are all built around chips from the Dutch embedded security company NXP (nxpi).

“We would like to mention that the fact that Hitag2 is cryptographically broken has been publicly known for several years and NXP has already informed their customers back in 2012,” the researchers wrote. “We would further like to highlight that for several years, NXP offers newer [chips] that are not affected by the vulnerabilities described in this paper.”

So with the VW Group remotes, the use of master keys makes them vulnerable. With the other cars’ remotes, the cryptographic system itself was too weak. The equipment needed to intercept and copy the wireless signal from a car’s remote is cheap (approximately $40) and easily accessible.

“The attacks are hence highly scalable and could be potentially carried out by an unskilled adversary,” the researchers wrote. “Since they are executed solely via the wireless interface, with at least the range of the original remote control (i.e., a few tens of meters), and leave no physical traces, they pose a severe threat in practice.”

This article was updated to include Volkswagen’s response.

SPONSORED FINANCIAL CONTENT

You May Like

EDIT POST