Prius Security System Cracked
by Matthew Sparkes, London, UK on 08.26.07
A talk given at the computer security conference, CRYPTO 2007, explained how the key-fob system installed on the Toyota Prius has been cracked. The KeeLoq auto anti-theft cipher is used in common devices made by Microchip Technology Inc, which are also used by Chrysler, Daewoo, Fiat, General Motors, Honda, Volvo, Volkswagen, and Jaguar.
The attack requires that the thief gets within range of your RFID keyfob, in order to break the encryption. This could mean stealing your keys, or just sitting next to you in a cafe with a laptop. The cipher used in these devices is 64 bit, which has always been theoretically possible to break, but has now been shown to be breakable in about an hour. This is important, because the shorter the amount of time required with the key, the more likely this attack is to become used outside of a research lab.
I've written about the possibiliity of this kind of attack in the past, and I spoke to several manufacturers while researching the pieces. The general opinion is that a higher level of encryption could be used, but it would be costly to make the change. At the moment, this kind of attack is incredibly rare, but it will likely become more common and then manufacturers will have to race to catch up. ::Slashdot
Thirsty for more? Check out these related articles:
- GreenBuild: Project Frog
- Chrysler To Ax Two Hybrid Models
- Bolivia's Lithium Reserves Could Power Electric Car Boom
- Can Obama's Monster Limo Be a Hybrid? Yes It Can!
With the lifetime of an automobile ten years or more, automakers either need to design security features using standards well in advance of current technology, or allow for them to be easily "upgraded". If not both.
Or, the justice system needs to go back to hanging people for stealing horses, or the modern-day equivalent.
We'll compost the carcasses.