August 17, 2015


Volkswagen has spent over two years trying to block publication of a research paper that reveals a key hacking vulnerability in many of its models, as well as in thousands of vehicles from other manufacturers. According to Bloomberg, a team of researchers discovered the vulnerability in 2012 and notified Volkswagen in May 2013. Instead of working with the researchers to resolve the issue, Volkswagen argued that the paper would increase the risk of theft and sued them to stop its publication.

An injunction from the High Court of the United Kingdom kept the paper blocked for two years. It was originally due to be presented at the 2013 USENIX Security Symposium and has only now been released. The researchers negotiated an agreement with Volkswagen that allowed publication once they removed one sentence describing a component of the calculations performed on the chip.

The paper describes a vulnerability in transponders using the Megamos Crypto algorithm that allows brute-force attacks to defeat the security mechanism. A similar attack, described by Silvio Cesare last year, uses a radio transmitter to generate candidate unlock codes that are sent to a car until it opens. This attack goes one step further: it uses a similar mechanism to generate a response that defeats the immobilizer in the affected vehicles and allows them to be started.

The research team of Roel Verdult and Baris Ege from the Netherlands, along with Flavio Garcia from the United Kingdom, reverse-engineered the Megamos Crypto security mechanism, recovered the 96-bit secret key and transmitted it using an RFID device. Their first attack exploits a weakness in the cipher design that allows a portion of the secret key to be recovered by eavesdropping on two legitimate communications between the vehicle and the key. The second attack uses brute force to send updates to the immobilizer in the vehicle.

With this procedure the researchers recovered, in about 30 minutes, a secret key that was able to start the car. Their third attack uses a similar brute-force method but targets systems that use a weak cryptographic key. Such systems can be broken with a standard laptop in a few minutes because they may use a shorter secret key or lack protections such as a pseudo-random number generator in their algorithm.
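To illustrate the last point, the following added example (not code from the paper or from any manufacturer) simulates a toy immobilizer challenge-response exchange: one design issues a fixed challenge because it has no pseudo-random number generator, the other draws a fresh random challenge each time. The keyed function, the 8-byte challenge size and the HMAC stand-in for the vehicle's cipher are all assumptions made for the demonstration.

```python
import hashlib
import hmac
import secrets

KEY_BITS = 96  # key length quoted for Megamos Crypto; the cipher itself is not modelled


def transponder_response(key: bytes, challenge: bytes) -> bytes:
    """Keyed response of the key fob. HMAC-SHA256 is an assumed stand-in
    for the real transponder cipher; only the keyed behaviour matters here."""
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]


class Immobilizer:
    """Toy immobilizer: issues a challenge, then verifies the fob's response."""

    def __init__(self, key: bytes, has_prng: bool):
        self.key = key
        self.has_prng = has_prng

    def challenge(self) -> bytes:
        if self.has_prng:
            return secrets.token_bytes(8)  # fresh, unpredictable challenge
        return b"\x00" * 8  # no PRNG: the same challenge every time

    def verify(self, challenge: bytes, response: bytes) -> bool:
        expected = transponder_response(self.key, challenge)
        return hmac.compare_digest(expected, response)


def recorded_response_still_starts_car(has_prng: bool) -> bool:
    """Record one legitimate exchange, then present the recorded response
    to a later challenge without knowing the key. Returns True if the
    immobilizer accepts it, i.e. the design offers no replay protection."""
    key = secrets.token_bytes(KEY_BITS // 8)  # constructed sample key
    car = Immobilizer(key, has_prng)

    # Legitimate session between the car and its own key fob.
    first_challenge = car.challenge()
    recorded = transponder_response(key, first_challenge)
    assert car.verify(first_challenge, recorded)

    # Later session: only the recorded response is available.
    later_challenge = car.challenge()
    return car.verify(later_challenge, recorded)


if __name__ == "__main__":
    print("fixed challenge accepts replay:", recorded_response_still_starts_car(False))
    print("random challenge accepts replay:", recorded_response_still_starts_car(True))
```

The random-challenge design rejects the recorded response with overwhelming probability (an 8-byte challenge repeats with chance 2^-64), which is the protection the text says some systems lack.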


[Chart: Models Affected By The Vulnerability (Models In Bold Tested By Researchers)]

This type of security flaw cannot be corrected with a software update; it would require new keys as well as new immobilizer hardware inside the cars, which could be costly for Volkswagen and other manufacturers. Since the flaw does not constitute a safety issue, it would not require a recall in most countries.

By suppressing the research, Volkswagen not only put its own vehicles at a higher risk of theft but also left the risk unknown to many other manufacturers that use the same algorithm. Volkswagen states that current models such as the Golf and Passat use a new algorithm that is immune to this type of attack, but it has not offered any assistance to owners of older vehicles with vulnerable systems.

The main issue with Volkswagen's response is that it seeks to protect the design by relying on “security through obscurity”. While lawsuits and injunctions will keep legitimate researchers from publishing information about these flaws, thieves will eventually find a way to break through themselves. This was demonstrated with the KeeLoq algorithm in 2007, when proprietary design information was obtained by Russian hackers and leaked online.

The better way to approach these issues is to invite researchers and white-hat hackers to work with the manufacturer once a security system has been developed, so that vulnerabilities are revealed and fixed before the system reaches thousands of cars.

[Main Photo Credit: Yahya S/Flickr/CC BY 2.0]

[Affected Vehicles Chart Credit: Verdult, Garcia, and Ege]


23 Comments on “Volkswagen Sued Researchers To Hide Key Hacking Flaw...”

  • avatar

    Whichever hacker develops a way to hack a Hellcat Black key into a “red key” or the Bugatti Veyron “standard key” into a “top speed key” wins the internets.

  • avatar

    I suspect in the US, the DMCA might be used to prevent publishing instructions on how to bypass digital security measures.

  • avatar

    For the older models, does a brute force method to compromise a 10 year old car qualify as a legitimate design flaw as stated?

    Also, the article does not suggest a viable course of action for manufacturers for cars that are no longer in production. There is no 100% impermeable solution.

    My guess is that all these cars have a physical key option in addition to the remote option. I think the most they could do is offer to disable the keyless system for free maybe?

    One thing is clear though, publishing this method in its entirety would be very very bad for these car models worldwide.

    • 0 avatar

      Those 10 year old vehicles still have a lot of life left in them.

      Or, rather, 10 year old vehicles not made by VAG have plenty of life left in them. Several machines on the list look like they have every reason to still be on the road.

      One thing that would have rescued my Volkswagen ownership experience would have been the availability of re-engineered parts to fix glaring problems. This is distinct from the safety issues covered by recalls. For instance, the gearbox in my 2001 Jetta (ZF 01M) was a disaster that only lasted 50k miles in good times. If VW had sold me a re-engineered unit that was supposed to last a grown-up 200k miles, along with some re-engineered parts to solve the turbo overboost problems I was seeing when I was climbing mountains at sub-autobahn speeds, my experience would have been very different.

      With cars starting to last decades, automakers are skipping a source of aftermarket revenue. No design is ever perfect, and it’s perfectly reasonable to sell me bugfixed/re-engineered/upgraded hardware which includes lessons learned over the last 10 years on a car that has been driven long past its warranty period.

      AFAIK, the only reason they’re forgoing this opportunity to take my money is traditional thinking about the automotive business model. Engineering/capital costs might make some upgrades infeasible – but there’s every reason that *some* of them should be moneymakers.

      Selling me an OEM aftermarket upgrade to fix problems would have rescued my Volkswagen experience, and would be appropriate for the doorlock problem. Also, for my transmission problem.

      P.S. Other upgrades I’d like to buy would be OEM infotainment upgrades on my 2004 Prius and 2004 Sienna – I was planning to do these myself, but I haven’t had time or found a decent stereo installer to do it. I’d be happy to buy modern systems (with Bluetooth, modern navigation and backup camera) from Toyota — with OEM class integration with the car. I’d pay about $1000 for that in the Prius, and about $1500 for that in the van (assuming it included an upgraded DVD player). The last time I asked about this kind of upgrade (years ago at a Ford dealer), the parts counter dismissed me politely but firmly. I’m not spendthrift enough to buy a new car to solve a $1k problem. But I’m still willing to pay real money for these upgrades, and car dealers are willing to leave that money on the table.

      [Shakes head]

      Hopefully Tesla will probably shake this up around 2025, once the Model 3s start to age. They’re already offering upgrades on the Model Ss (the Ludicrous speed upgrade) so they probably will continue to do that sort of thing going forward.

  • avatar

    No putting keys on paint. NO!

  • avatar
    White Shadow

    Curiously, my A5 somehow isn’t affected. It’s basically the same car as an A4, so I wonder why it didn’t make the list?

    • 0 avatar

      I found a list of Audi transponders claiming that they switched away from the Megamos Crypto in the 2006 model year, and the first A5 was a 2007 or a 2008, I think.

      • 0 avatar

        Right. The A4 and A5 were the first cars to use the current electronic key, rather than Audi’s traditional switchblade key (which was a thinly-disguised Volkswagen key). Cars that have debuted since then (Q5, A7, redesigned A6 and A8, Huracán, Aventador) use the electronic key. The only cars that still use the switchblade are the TT, Q7 and R8…each of which is about to be discontinued in its current generation.

  • avatar

    I want one of those Ferrari Scagliettis.

  • avatar

    News articles (and the paper itself) don’t do a great job calling out which model years are affected. It generally looks to be decade-old models:

  • avatar

    Auto makers should be spending less energy in trying to prosecute the people that are discovering their poor security engineering and invest more money in hiring security engineers that can actually improve their products.

    Efforts to suppress the existence of security vulnerabilities may prevent the average consumer from finding out about these problems but it will not keep the information from hackers and car thieves.

    • 0 avatar

      Good point.
      My guess is that good security for key fob applications may be*** slow and inconvenient.
      The problem with Slow And Inconvenient – it hurts your JD Power numbers…

      Car firms COULD admit that there are trade-offs between the convenience of a fob vs. a traditional key (with a chip?!?). But Marketing (and Legal) couldn’t handle the truth.

      *** Or they only want security to a certain Price Point – VW doesn’t want to spend for strong, proven, IT encryption in a wireless fob.

      • 0 avatar

        Traditional locks and keys are fairly easy to pick, the locks are vulnerable to slide hammers and attacks through the glass beltline seal, the whole system is quite expensive and somewhat vulnerable to side impacts, and the whole thing tends to be a big warranty problem driver.

        The biggest problem with automotive security is lifetime. My car was new back when Windows XP first came out. Imagine surfing the internet with an original XP build!

        With the average fleet age holding around 11 years or so, an average 2015 vehicle will eventually face a security environment where a 12 year old has a cellphone with more computing power than can currently be bought in a desktop at any price point. Add that to the fact that lots of people get years to try to break into these systems, and it’s almost inevitably going to be a challenge.

        • 0 avatar

          Car locks may be a bit tougher to pick than most doorknobs/deadbolts (or not, I’m not really sure) but in college I ordered a rudimentary lock pick kit from the internet and learned to pick locks to mess with my roommates, and it was actually disturbingly easy. And I’m not even particularly great in terms of manual dexterity.

    • 0 avatar

      Bah, the lawyers are already being paid to sit around, so you might as well put them to work covering up your stupid shit.

    • 0 avatar

      Yeah, it seems fairly obvious. Don’t sue the hackers, hire them. Then fire the engineers that failed. How about suing those half-wit engineers??

  • avatar

    This sort of hacking will continue to happen as long as there are hackers. I would be willing to trade off the convenience of full keyless entry for security, on an optional basis. You could have a mechanical switch in the car that disables the keyless features. Once the switch is mechanically toggled again, then features are re-enabled for the fob. You could do this with, oh, I dunno, something like a door key, and a door lock. GM has shown that such a lock could cost only 75 cents, maybe a buck for one that works. Don’t use the key to lock the door, then full keyless features all the time and you rely on the manufacturer for secure programming.
    I know, next I’ll be wanting an MT6 brown station wagon.

  • avatar

    This is less earth-shattering than it sounds. The article states that for the hack to work, you have to be able to “snoop” on two conversations between the car and key. The immobilizer chip on most of these (cars without the new “walk to the car and hit the button” systems) only has a range of a few inches, meaning the thief needs access to the car and a valid key for this to work.

    If the thief already has the car and something capable of physically turning the lock cylinder, there have been programs for YEARS to get the car to accept a new key, and not even a current valid key is necessary.

  • avatar

    Electronic keys aren’t 100% impenetrable? There needs to be a large class action lawsuit for this. Preferably where the lawyers get 100 million each, and the customer gets a warning sticker.

    • 0 avatar

      That’s a carguy answer.

      The computer guy answer is “uhh, this was in the crypto textbook and we knew better all along. Why didn’t your engineers read the damn textbook like we did?!?”

      It’s easier said than done, but better crypto is widely available and is something the average engineer can understand if he/she bothers to try.

  • avatar

    Nah, could you imagine the powerful and connected using the legal system to benefit themselves (in the short run, until bonus season), at the expense of those less equal…. How surprising!! But, but the lawyers say they are, like, good, and, like, fight the baaad evil corporations, says the public school indoctrinated progressives with the customary confused looks on their collective faces…..
