Vehicle remote keyless entry systems and engine immobilisers: Do not believe the insurer that this technology is perfect

Computer Law and Security Review

Volumn 28, Issue 2, 2012, Pages 195-200

  Mason, Stephen ^a  

^a NONE

Author keywords

Digital evidence; Engine immobilisers; Theft of motor vehicles; Vehicle remote keyless entry systems

Indexed keywords

AUTOMOBILE ELECTRONIC EQUIPMENT; ENGINES; TELECONTROL EQUIPMENT;

DIGITAL EVIDENCE; ELECTRONIC SYSTEMS; MOTOR VEHICLE; REMOTE KEY-LESS ENTRY SYSTEMS;

AUTOMOBILE MANUFACTURE;

EID: 84859019644     PISSN: 02673649     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.clsr.2012.01.004     Document Type: Article

References (49)

1. Richard Scott, the transport correspondent for the BBC, is recorded as stating that unless criminals can get their hands on the keys, new cars are all but impossible to steal, in Car industry declares victory in war on thieves, BBC News, 16 June 2011, available at http://www.bbc.co.uk/news/uk-13787442
2. the following assertion is taken from the Aviva Risk Management Solutions web site entitled Knowledge Store, Motor Vehicle Security [Hardfacts]: Immobilisers prevent the engine from starting without the original key or transponder by isolating at least two of the operating circuits https://help.aviva.co.uk/risksolutions/motor-risk/vehicle/REF-HF11001
3. the evidence does not support these assertions, although the following article illustrates that vehicle security devices undoubtedly reduced the numbers of thefts until thieves worked out how to by-pass the systems put in place by manufacturers: Graham Farrell, Andromachi Tseloni and Nick Tilley, The effectiveness of vehicle security devices and their role in the crime drop, Criminology and Criminal Justice, February 2011, 11: 21-35. This article includes a number of references to a wide variety of relevant research in the field
4. For an example of this problem, John Holl, High-tech thieves use laptops to steal cars, ForbesAutos.com, 26 June 2006, available at http://www.msnbc.msn. com/id/13507939/ns/business-autos/t/high-tech-thieves-use-laptops-steal-cars/
5. John Leyden, Thieves jam key-fob lock signals in mystery car thefts, The Register, 21 September 2010, available at http://www.theregister.co.uk/2010/09/ 21/car-jammer-vehicle-theft-scam/
6. and Duncan Graham-Rowe, Criminals find the key to car immobilisers, New Scientist, 6 December 2011, Issue 2789, available at http://www.newscientist. com/article/mg20827894.500-criminals-find-the-key-to-car-immobilisers.html
7. Council Directive 74/61/EEC of 17 December 1973 on the approximation of the laws of the Member States relating to devices to prevent the unauthorized use of motor vehicles, OJ L38, 11.2.1974, p. 22-28
8. Commission Directive 95/56/EC, Euratom of 8 November 1995 adapting to technical progress Council Directive 74/61/EEC relating to devices to prevent the unauthorized use of motor vehicles, OJ L286, 29.11.1995, p. 1-44
9. An early text is Kerstin Lemke, Christof Paar and Marko Wolf, editors, Embedded Security in Cars (Springer-Verlag, Berlin, 2006)
10. Kerstin Lemke, Ahmad-Reza Sadeghi and Christian Stüble, Anti-theft Protection: Electronic Immobilizers, pp 54-66
11. and Kai Schramm, Kerstin Lemke and Christof Paar, Embedded Cryptography: Side Channel Attacks, pp 187-204 in Kerstin Lemke, Christof Paar and Marko Wolf, editors, Embedded Security in Cars (Springer-Verlag, Berlin, 2006)
12. Aurélien Francillon, Boris Danev and Srdjan Capkun, Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars available at http://eprint.iacr.org/2010/332.pdf
13. See Michael Bender, The Fast, The Fraudulent, & The Fatal: The Dangerous and Dark side of Illegal Street Racing, Drifting and Modified Cars, (Authorhouse, 2009) for a description of the remote keyless entry system at pp 79-93
14. Kerstin Lemke, Ahmad-Reza Sadeghi and Christian Stüble, Anti-theft Protection: Electronic Immobilizers in Kerstin Lemke, Christof Paar and Marko Wolf, editors, Embedded Security in Cars (Springer-Verlag, Berlin, 2006), pp 52-54
15. note that a vehicles immobiliser system can be affected by the radio waves emanating frombuildings, thus requiring vehicles to be towed away, as occurs in Bern: Gunther B. Pamberg, letter to the editor, Financial Times, April 9/April 10, 2001, p 10
16. Electronic car key fobs fail on Southampton street, BBC News (Hampshire and the Isle of Wight), 12 October 2011, available on-line at http://www.bbc.co.uk/news/uk-england-hampshire-15278838
17. For attacks on awell-known and widely used software systemfor garage doors and vehicles, see Sebastiaan Indesteege, Nathan Keller, Orr Dunkelman, Eli Biham and Bart Preneel, A Practical Attack on KeeLoq, in Nigel Smart, editor, Advances in Cryptology EUROCRYPT 2008, LectureNotes in Computer Science, Volume 4965, (Springer-Verlag, 2008) pp 1-18
18. Thomas Eisenbarth, Timo Kasper, Amir Moradi, Christof Paar, Mahmoud Salmasizadeh and Mohammad T. Manzuri Shalmani, On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme, in David Wagner, editor, Advances in Cryptology - CRYPTO 2008 Proceedings of the 28th Annual International Cryptology Conference, Lecture Notes in Computer Science, Volume 5157, (Springer-Verlag, 2008), pp 203-220
19. Martin Novotný and Timo Kasper, Cryptanalysis of Keeloq with COPACOBANA, in ECRYPT II (SHARCS 09), 9-10 September 2009, Lusanne, Switzerland, pp 159-164
20. Markus Kasper, Timo Kasper, Amir Moradi and Christof Paar, Breaking KeeLoq in a Flash: On Extracting Keys at Lightning Speed in Bart Preneel, editor, Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology (Springer-Verlag, 2009), pp 403-420
21. Amir Moradi and Timo Kasper, A New Remote Keyless Entry System Resistant to Power Analysis Attacks, in Seventh International Conference on Information, Communications and Signal Processing - ICICS 2009, (IEEE, 2009), available at http://www.emsec.rub.de/chair/-staff/amirmoradi/
22. Thomas Eisenbarth, Timo Kasper, Amir Moradi, Christof Paar, Mahmoud Salmasizadeh and Mohammad T. Manzuri Shalmani, Physical Cryptanalysis of KeeLoq Code Hopping Applications, available at http://eprint.iacr.org/2008/058.pdf
23. Christof Paar, Thomas Eisenbarth, Markus Kasper, Timo Kasper and Amir Moradi, KeeLoq and Side-Channel Analysis-Evolutionof an Attack, in Luca Breveglieri, Israel Koren, David Naccache, Elisabeth Oswald and Jean-Pierre Seifert, editors, Workshop on Fault Diagnosis and Tolerance in Cryptography, Proceedings of the Sixth International Workshop, FDTC2009 (IEEEComputer Society, 2009), pp 65-69
24. Idan Sheetrit and Avishai Wool, Cryptanalysis of KeeLoq code-hopping using a Single FPGA (2011), available at http://eprint.iacr.org/2011/
25. John D. Sutter, Howtounlock a car with a textmessage 3August 2011, CNN, http://edition.cnn.com/2011/TECH/mobile/08/03/black.hat.war.texting/
26. Digital car jacking - Researchers show how to unlock, start a car remotely, Homeland Security News Wire, 5 August 2011 http:// homelandsecuritynewswire.net/ researchersshow-how-unlock-start-car-remotely
27. Texting, grand theft auto style; alarms pose risk, Associated Press, 19 August 2011; their presentation is available at War Texting: Identifying and Interacting with Devices on the. Telephone Network, http://www.isecpartners.com/ storage/docs/presentations/iSEC-BH2011-War-Texting.pdf
28. These methods are discussed and illustrated in Stephen C. Bono, Matthew Green, Adam Stubblefield, Ari Juels, Aviel D. Rubin and Michael Szydlo, Security analysis of a cryptographically enabled RFID device, Proceeding SSYM05 Proceedings of the 14th conference on USENIX Security Symposium, Volume 14, pp 1-15
29. for an introduction to some of the issues relating to vehicle security, see Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, Tadayoshi Kohno, Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham and Stefan Savage, Experimental Security Analysis of a Modern Automobile, 2010 IEEE Symposium on Security and Privacy, pp 447-462
30. Jarno van de Moosdijk and Dick Visser, Car security: remote keyless "entry and go", revision 232 (June 2009) refer to this in their paper
31. Smugglers of illegal drugs identify people crossing frequently between Mexico and the United States, acquire the vehicle identification number of the motor car from the dashboard, then obtain a duplicate key for the car from a corrupt lock smith with access to the relevant vehicle database (Ford vehicles were the vehicles mainly chosen); they then place the drugs into the boot of the vehicle, and the driver unwittingly drives the car across the border with the drugs: Jason Beaubien, At Border, Teacher Becomes Unwitting Drug Smuggler, 21 July 2011, NPR at http://www.npr.org/2011/07/21/138548294/ at-border-teacher- becomes-unwitting-drug-smuggler
32. for more detail, see an FBI criminal complaint filed on 1 July 2011 in the U.S. District Court Western District of Texas in the case of United States of America v Jesus Chavez at http://txn.fd.org/Blind%2520mules, %2520FBI%2520affidavit,%2520July%25202011.pdf
33. That is, despite the failure to provide a proper evidential foundation and the fact that digital evidence is far from perfect, for which see Stephen Mason, general editor, Electronic Evidence, (2nd edn, LexisNexis Butterworths, 2010), Chapter 5
34. For an instructive discussion about the merits of the evidence surrounding a similar case in the USA, albeit in the context of legal proceedings, see McCoy v Progressive West Insurance Company, No. B199978, 2009 DJDAR 2849 (Cal. Ct. App. Feb. 26, 2009) an appeal from a judgment of the Superior Court of Los Angeles County, available at http://law.justia.com/cases/ california/courtof-appeal/2009/b199978/
35. This is changing, especially with high end motor vehicles. For instance, the McLaren MP4-12C is almost entirely controlled by software, which has caused serious problems. Ron Dennis has admitted that virtually every single problem has its root cause in software, and if customers wanted to take delivery of a vehicle immediately, they would have to do so without satellite nagivation or with a working in-car telephone: Teething problems for McLaren - with knobs on, The Times, Saturday 12 November 2011, 63
36. Manfred Broy, Challenges in Automotive Software Engineering, Proceedings of the 28th international conference on software engineering, (ACM, 2006), pp 33-42
37. For just one early example of the research and development of software for motor vehicles, an entire issue (IE 30 Issue 2, May 1983) of IEEE Transactions on Industrial Electronics was given over to articles relating to the use of software in vehicles. For more recent articles, see H. Gharavi, K. V. Prasad and P. A. Ioannou, Special Issue on Advanced Automobile Technologies, Proceedings of the IEEE, February 2007, Volume 95, Issue 2, pp 325-327
38. M. Broy, I.H. Kruger, A. Pretschner, C. Salzmann, Engineering Automotive Software, Proceedings of the IEEE, February 2007, Volume 95, Issue 2, pp 356-373
39. Kevin Poulsen, Hacker Disables More Than 100 Cars Remotely Wired, 17 March 2010
40. Charles Arthur, TomTom satnav data used to set police speed traps The Guardian, 28 April 2011
41. Dan Goodin, Hacker pwns police cruiser and lives to tell tale The dark side of situational awareness, The Register, 3 May 2011
42. Kevin Finisterre, Owning a cop car, at http://www.digitalmunition.com/ OwningCopCar.pdf
43. Stuart McClure, André Weimerskirch, Ph.D., Marko Wolf, Ph.D., Professor Christof Paar, Winfried Stephan and Stefan Goss, Ph.D., Caution: Malware Ahead An analysis of emerging risks in automotive system security (McAfee/Wind River, 2011) at http://www.mcafee.com/us/resources/reports/ rpcaution-malware-ahead.pdf
44. Michael Barr, Firmware forensic: best practices in embedded software source code discovery, Digital Evidence and Electronic Signature Law Review, 8 (2011), 148-151 for a discussion of the tests that should be carried out and those tests that were not carried out by the National Highway Traffic Safety Administration and the team from NASAs Engineering and Safety Center, thus undermining the conclusions in their joint report
45. Gunther B. Pamberg, Tylers appliances are caught in a Bermuda triangle letter to the editor, Financial Times, April 9/April 10, 2011, 10
46. Commission Regulation (EC) No 1400/2002 of 31 July 2002 on the application of Article 81(3) of the Treaty to categories of vertical agreements and concerted practices in the motor vehicle sector, OJ L 203, 1.8.2002, p. 30-41
47. Commission Regulation (EU) No 461/2010 of 27 May 2010 on the application of Article 101(3) of the Treaty on the Functioning of the European Union to categories of vertical agreements and concerted practices in the motor vehicle sector (Text with EEA relevance), OJ L129, 28.5.2010, p. 52-57
48. Commission notice Supplementary guidelinesonvertical restraints inagreements for the sale and repair of motor vehicles and for the distribution of spare parts for motor vehicles (Text with EEA relevance), OJ C 138, 28.5.2010, p. 16-27
49. Marcus Heitman, Security Risks and Business Opportunities in In-Car Entertainment in Kerstin Lemke, Christof Paar and Marko Wolf, editors, Embedded Security in Cars, pp 242-244