RFID is back in the news again, but not in a good way. Reports from Spain and the Czech Republic allude yet again to the weaknesses of 40-bit keys and the ease with which those codes can be broken.
The Prague Post reports that one Radko Soucek, dubbed national car theft champion, has been arrested and charged with stealing more than 150 cars. His MO included use of a modified notebook computer to bypass the security systems in high-end vehicles. Radko’s career choice and inspiration came from the movie Gone in Sixty Seconds, and after these travails are behind him, he apparently aspires to acquire a Maybach. In a mock tribute to Radko’s criminal ingenuity, we attach this gratuitous image of a 2005 Maybach Exelero…
And from Madrid, there is additional alarming, or perhaps more accurately, dis-alarming, news. Leftlane News tells us that soccer star David Beckham has had his BMW X5 stolen, not once, but twice. The car thieves used the same technique as above – a modified cryptanalytic process to reconstruct the algorithm used in RFID tags. It takes up to 20 minutes to hack the car’s computer, disable the alarm, release the door locks, and start the engine.
We’ve made note of this prob before … pls refer to our article Security Analysis of RFID Devices of 01/30/05. While we all wait patiently for manufacturers to move to 120 bit or better keyspaces, it seems that the best we can do for the moment is to cover our Comfort Access Keyless Start and Entry xmitter in tin foil.
How a keyless car gets stolen – CNet News, May 8, 2006
Related posts:
{ 2 comments… read them below or add one }
Do you get anything for being the car theft champion, other than jail time? It might make a good event for the next Olympics.
They could make a good movie sequel: Report Your Stolen Car Like Beckham.