Not as secure as before (Image: Ashley Jouhar/Getty)

For 16 years, car immobilisers have kept car thieves at bay – but that may now be changing

AFTER a 16-year decline, car theft in Germany rose in 2009, according to figures released recently by the German Insurance Association. One “white hat” hacker, who probes security systems to flag up flaws that can then be patched, thinks he knows why. Karsten Nohl of Security Research Labs in Berlin, Germany, has identified vulnerabilities in the engine immobilisers used to protect modern cars from theft.

A device fitted within the key fob of a modern car broadcasts an encrypted radio signal to the car as the driver starts the vehicle. If the car’s receiver recognises the signal, the receiver responds by sending an encrypted signal to the engine control unit (ECU), which allows the car to start. If the driver tries using the incorrect car key fob, the ECU locks down the engine.


For over a decade, immobilisers have played a crucial role in reducing car theft, says Nohl. But the proprietary encryption keys used to transmit data between the key fob, receiver and engine are so poorly implemented on some cars (see “Castles built on sand”) that they are readily cracked, Nohl told the Embedded Security in Cars conference, in Bremen, Germany, last month.

Last year he took just 6 hours to uncover the algorithm used to create the encryption key in a widely used immobiliser – the Hitag 2 made by Dutch firm NXP Semiconductors – making it easy to “de-immobilise” any car using that algorithm. And in 2005 Ari Juels of RSA Labs in Cambridge, Massachusetts, and researchers at Johns Hopkins University in Baltimore, Maryland, took under an hour to crack an encryption system sold by US technology firm Texas Instruments.

Juels says that these cracks were possible because the proprietary algorithms that the firms use to encode the cryptographic keys shared between the immobiliser and receiver, and between receiver and engine, do not match the security offered by openly published versions such as the Advanced Encryption Standard (AES), adopted by the US government to encrypt classified information. Furthermore, in both cases the encryption key was way too short, says Nohl. Most cars still use either a 40- or 48-bit key, but the 128-bit AES – which would take too long to crack for car thieves to bother trying – is now considered by security professionals to be a minimum standard. It is used by only a handful of car-makers.

“To our knowledge the direct causal link between the failure to adopt AES systems and the rise in car theft cannot be drawn,” says Thomas Rudolph of NXP. And a Texas Instruments spokesperson argues that in some cases the firm’s proprietary cryptographic systems have been shown to be stronger than AES.

Nevertheless, both NXP and Texas Instruments say they have been phasing out their shorter encryption key systems, and both now offer 128-bit AES.

Convincing car-makers to adopt the new systems remains a challenge, says Juels. He thinks they still believe hacking is a minor problem compared with more direct ways of stealing cars. “The reaction we got was that it would be cheaper to use a flatbed truck.”

Castles built on sand

Karsten Nohl’s assessment of dozens of car makes and models found weaknesses in the way immobilisers are integrated with the rest of the car’s electronics. The immobiliser unit should be connected securely to the vehicle’s electronic engine control unit, using the car’s internal data network. But these networks often use weaker encryption than the immobiliser itself, making them easier to crack. What’s more, one manufacturer was even found to use the vehicle ID number as the supposedly secret key for this internal network. The VIN, a unique serial number used to identify individual vehicles, is usually printed on the car. “It doesn’t get any weaker than that,” Nohl says.