SpeedPass has been cracked

February 04, 2005

The popular radio-frequency ID system that is used to deter car thefts and as a convenience device for the purchase of gasoline can be defeated with low-cost technology, computer scientists from The Johns Hopkins University and RSA Laboratories have determined (see also previous report in SpyBlog and RFIDbuzz here).

Their findings, described in a new research paper, indicate that the encryption in RFID microchips in some newer car keys and wireless payment tags may not keep thieves at bay. Using a relatively inexpensive electronic device, criminals could wirelessly probe a car key tag or payment tag in close proximity, and then use the information obtained from the probe to crack the secret cryptographic key on the tag, the scientists said. By obtaining this key, lawbreakers could more easily circumvent the auto theft prevention system in that person's car or potentially charge their own gasoline purchases to the tag owner's account.

RFID Privacy Happenings: SpeedPass Is Cracked!

Graduate students at Johns Hopkins working with Avi Rubin, and Ari Juels and Michael Szydlo at RSA Laboratories, have posted an extended analysis of the Texas Instruments DST RFID used in both Mobil SpeedPass and in a variety of automotive anti-theft systems.

Apparently, the Digital Signature Transponder (DST) was based on a 40-bit cryptographic key and a 24-bit response. The website is a bit light on the "special-purpose cryptographic technique used to reconstruct the algorithm used in the DST tags," but apparently the overall system works.

Read more:

Posted by andersja


Scaring but not alarming!
Even though it is possible to break the encryption code on the car keys it is still easier to break into a car without DST. Let's hope that Texas Instruments among others is learning from this lesson and starts improving their encryption algorithms.

Posted by: Joakim Ditlev at February 4, 2005 07:16 PM
Post a comment

Remember personal info?