Prius Security System Cracked

Treehugger
Posted : 2007-08-26 13:17:36

A talk given at the computer security conference, CRYPTO 2007, explained how the key-fob system installed on the Toyota Prius has been cracked. The KeeLoq auto anti-theft cipher is used in common devices made by Microchip Technology Inc, which are also used by Chrysler, Daewoo, Fiat, General Motors, Honda, Volvo, Volkswagen, and Jaguar.

The attack requires that the thief gets within range of your RFID keyfob, in order to break the encryption. This could mean stealing your keys, or just sitting next to you in a cafe with a laptop. The cipher used in these devices is 64 bit, which has always been theoretically possible to break, but has now been shown to be breakable in about an hour. This is important, because the shorter the amount of time required with the key, the more likely this attack is to become used outside of a research lab.

I've written about the possibiliity of this kind of attack in the past, and I spoke to several manufacturers while researching the pieces. The general opinion is that a higher level of encryption could be used, but it would be costly to make the change. At the moment, this kind of attack is incredibly rare, but it will likely become more common and then manufacturers will have to race to catch up.