Is it possible to change the data stored in a key's car?

6 Posts
3 Users
0 Reactions
1,338 Views
(@skywalker)
Reputable Member
Joined: 11 years ago
Posts: 150
Topic starter  

Hello everybody,

I have a client whose key's car seems to have been modified and he has been involved in a prosecution by the Courts of Law.

I have been searching on the Internet and the model of his car is opened by a key which can be read by a key reader. Is it also possible to modify the data? When I say "data", I mean the last time the key was introduced in the car, the last time the car was started, the levels of fuel and oil at the last time, etc.

Have you ever had a case like this?

Thanks and regards!!

(@c-r-s)
Estimable Member
Joined: 14 years ago
Posts: 170
 

It obviously depends on the car's access control system. Just from the numbers of cars out there that hold data on the key, I suspect we are talking about BMW. But it is probably safe to say that generally any key which contains car status data also contains two types of storage: protected and unprotected.

If the "key reader" is a COTS device, like it is used by car repair shops, the data is read from an unprotected storage area and can be modified right on the key without any consequences. Reading the data from the protected area, either by giving it to the manufacturer or using an "illicit" method, will then reveal the true data.

There are different answers to whether it is possible to modify the key to represent a consistently wrong state of the car's status information, including the protected storage:

1. It is generally possible, if you have got access to the key and the car at the same time. Most data on the key can be updated by (temporarily) injecting the wrong data into the car's access control system and performing a locking cycle. To lower the mileage requires dedicated tampering with the key, since the key's data is only updated to higher numbers.

2. If you have got access only to the key, an isolated issue - besides accessing the protected storage area - is, whether the rolling key derivation is chained to the status information. If so, modifying the key's status information will render the key useless (require the car to "learn" the key again). However, you should consider any car locks being cryptographically broken due to short key length or design flaws. An adversary who is able to access and modify the protected storage area is probably also able to compute a key state corresponding to arbitrary status information. If this is achieved, the key will work for subsequent locking cycles.

In any of these cases the deviating data on the key will be updated to the car's data during an opening or locking, except for higher mileage on the key. Therefore, if the mileage is cryptographically relevant, it is generally not possible to increase the mileage on the key (having only access to the key), because - even if correctly set for the next cycle - the key will not work for the locking cycle after the next one.

(@skywalker)
Reputable Member
Joined: 11 years ago
Posts: 150
Topic starter  

Hello C.R.S., amazing answer! 😯

So, if I have understood well, in the case I wanted to change the data stored in a key, I'd need the key and the car, wouldn't I?

Would it be possible to use a standard key reader & programmer to show the Court it is easy to change the data? Is that kind of device available in any online shop?

Thanks!!

RolfGutmann
(@rolfgutmann)
Noble Member
Joined: 10 years ago
Posts: 1185
 

C.R.S - you have a high expertise in this field - congratulations!

(@c-r-s)
Estimable Member
Joined: 14 years ago
Posts: 170
 

So, if I have understood well, in the case I wanted to change the data stored in a key, I'd need the key and the car, wouldn't I?

The bottom line of the above is that you don't need the car in most cases, either because the required scope of the attack isn't to change the data within the protected storage (unfortunately, manufacturers are rarely consulted to analyze the entire key data and there is no vivid whitehat market for accessing it) or the status information isn't used for crypto. Anyway, for most attackers it will be much easier if they have access to the car.

In terms of difficulty, I'd say regarding the data on unprotected storage that most, hopefully all, experts in car accident reconstruction and some staff from vendor authorized repair shops should be aware of the existence of such data and, if not demonstrate it, at least be able to outline how it can be changed. I won't give any instructions on this, since manipulation of the unprotected key data is widely used to lower the mileage (read for the buyer from the second key, that isn't used for locking and not updated by the car). There are devices available from the COTS spectrum of automotive key readers/writers which can be used, but other COTS electronic testing equipment is a better pick for this task, in my opinion (may depend on the key's physical structure, tamper evidence etc.).

Methodologically the same is true for the protected storage, with the difference that you'd rely more on universal testing equipment. Except for public security research, you won't find anybody who advertises to have broken a specific model. It's basically a "zero-day" market, and putting pressure on a manufacturer to change its design doesn't help. However, the conceptual weaknesses which I mentioned above are common knowledge, sometimes (algorithms and key lengths) even documented by the manufacturer.

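The two storage classes, the "mileage only goes up" rule and the comparison against the protected copy that C.R.S. describes in both replies above, as an added toy model written for this thread. It is not code from the forum, from C.R.S., or from any manufacturer: the record layout, the shared secret, the counter and the HMAC construction are assumptions chosen to illustrate the concept, and a real access control system will differ.

```python
import hashlib
import hmac
import json

# Constructed toy model of a key fob with two storage areas, as discussed
# in the thread: an unprotected mirror that a commodity key reader can read
# and write, and a protected record that the car authenticates with a MAC
# under a secret shared between car and key.  Nothing here reflects a real
# vendor's data format; it only models the consistency checks an examiner
# can make once the protected area has been read (e.g. via the manufacturer).

CAR_SECRET = b"constructed-demo-secret-not-a-real-key"  # placeholder secret


def _mac(status: dict, counter: int) -> str:
    """MAC over the status record and a rolling counter, so that the protected
    record is bound to a specific locking cycle (assumed design, see lead-in)."""
    msg = json.dumps(status, sort_keys=True).encode() + counter.to_bytes(4, "big")
    return hmac.new(CAR_SECRET, msg, hashlib.sha256).hexdigest()


class KeyFob:
    """Holds the unprotected mirror and the protected, authenticated record."""

    def __init__(self, status: dict):
        self.unprotected = dict(status)
        self.counter = 0
        self.protected = {"status": dict(status), "counter": 0,
                          "mac": _mac(status, 0)}


def locking_cycle(fob: KeyFob, car_status: dict) -> None:
    """The car writes its own view of the status into both areas.

    Mileage on the key is monotonic: a lower value from the car is not
    accepted (models the thread's remark that the key's mileage is only
    updated to higher numbers), while all other fields are simply overwritten.
    """
    new = dict(car_status)
    stored_mileage = fob.protected["status"]["mileage"]
    if new["mileage"] < stored_mileage:
        new["mileage"] = stored_mileage
    fob.counter += 1
    fob.protected = {"status": new, "counter": fob.counter,
                     "mac": _mac(new, fob.counter)}
    fob.unprotected = dict(new)


def forensic_check(fob: KeyFob) -> list:
    """Examiner's consistency check. Returns a list of findings (empty = clean):

    * the protected record fails authentication (edited without the secret), or
    * a field in the unprotected mirror differs from the protected record,
      which is what a plain key reader/writer edit looks like.
    """
    findings = []
    p = fob.protected
    if not hmac.compare_digest(p["mac"], _mac(p["status"], p["counter"])):
        findings.append("protected record fails authentication")
    for field, value in p["status"].items():
        seen = fob.unprotected.get(field)
        if seen != value:
            findings.append(
                f"unprotected {field}={seen!r} differs from protected {value!r}")
    return findings


if __name__ == "__main__":
    # Constructed sample: a key that has seen one genuine locking cycle.
    fob = KeyFob({"mileage": 10000, "fuel_pct": 50, "last_start": "day 1"})
    locking_cycle(fob, {"mileage": 10500, "fuel_pct": 40, "last_start": "day 2"})
    print("after genuine cycle:", forensic_check(fob))
    # Someone lowers the mileage in the unprotected mirror only.
    fob.unprotected["mileage"] = 5000
    print("after mirror edit:", forensic_check(fob))
```

Running the block prints an empty finding list after the genuine cycle and a mileage mismatch after the mirror edit. The point of the model is the one C.R.S. makes: a reader/writer edit of the unprotected area leaves the protected record untouched, so reading the protected area reveals the true values, and editing the protected record without the secret breaks its authentication. It also shows why the car itself cannot be used to lower the stored mileage, since the locking cycle keeps the higher value.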
(@skywalker)
Reputable Member
Joined: 11 years ago
Posts: 150
Topic starter  


Hello CRS, thank you very much for your reply, I have sent you a PM.

Regards!
