< Return to Video

36C3 - Vehicle immobilization revisited

  • 0:00 - 0:17
    Herald: The second thing I wanted to
    announce: there is no scooter sharing.
  • 0:17 - 0:36
    Which brings me to the next talk. We tend
    to need kind of a security concept for not
  • 0:36 - 0:43
    scooter sharing. So the easiest way would
    be to have kind of a scooter lock. But we
  • 0:43 - 0:51
    have the lock picking guys. So that won't
    work. So the next option would be we can
  • 0:51 - 0:58
    have a GPS tracker, but we have the GPS
    spoofing guys. Which isn't also that good.
  • 0:58 - 1:07
    A third option would be an immobilization
    system. We have Wouter Bokslag. Thank you.
  • 1:07 - 1:11
    applause
  • 1:11 - 1:16
    Wouter: Hi. Thank you for the
    introduction. Thank you guys for the warm
  • 1:16 - 1:21
    welcome. I'm really happy to see that
    still some people have come together here
  • 1:21 - 1:28
    at this ungodly hour to watch my talk
    about vehicle immobilization. Well,
  • 1:28 - 1:34
    briefly something about me. I'm a
    Kerckhoff security master. And the
  • 1:34 - 1:41
    research I will be presenting today, I did
    as my master's thesis. So I spent about
  • 1:41 - 1:47
    half a year analyzing various systems and
    I wrote something about that. And if you
  • 1:47 - 1:54
    want to read the full story, you can look
    at my thesis, which is public since some
  • 1:54 - 1:59
    time now. And there's more detail there.
    I'm currently working as an automotive
  • 1:59 - 2:06
    engineer. And if you feel like asking me
    questions besides the Q&A, you can always
  • 2:06 - 2:13
    contact me by mail. So first, responsible
    disclosure. This kind of stuff is not a
  • 2:13 - 2:20
    joke. Automotive manufacturers think it is
    very important. And, well, they have a
  • 2:20 - 2:28
    reason to think so. So naturally we
    contacted them ahead of publication even
  • 2:28 - 2:35
    before my defense and we laid out the
    findings and I had a couple of conference
  • 2:35 - 2:43
    calls with the manufacturers. And I even
    went to one of them to demonstrate the
  • 2:43 - 2:51
    findings on premise. I need to point out
    that the research that I did was on fairly
  • 2:51 - 2:58
    old vehicles like 2009 and around. But for
    the three cases that I really went in
  • 2:58 - 3:04
    depth we have been able to confirm that
    they are still in currently produced
  • 3:04 - 3:09
    models. So this in itself is kind of
    surprising because you think automotive,
  • 3:09 - 3:16
    cars, electronics, security, it's a fast
    moving industry, but well, no, not really.
  • 3:16 - 3:22
    So everything that was in cars in 2009, at
    least regarding to these three systems,
  • 3:22 - 3:28
    can still be found in currently produced
    models. I will disclose the vehicles that
  • 3:28 - 3:34
    I've been working on, because I think that
    is relevant. I hope you can forgive me
  • 3:34 - 3:39
    that I'm not going to disclose the
    vehicles that I have identified these
  • 3:39 - 3:44
    systems in that are still being produced.
    I'm not really into facilitating theft and
  • 3:44 - 3:51
    I don't see what would be the added value.
    So the talk will be structured as follows:
  • 3:51 - 3:58
    I will first introduce some standard stuff
    about immobilization systems and about
  • 3:58 - 4:05
    computer networks inside vehicles. I will
    tell you something about how I addressed
  • 4:05 - 4:11
    the challenge. So for all three models, I
    kind of followed a similar approach and I
  • 4:11 - 4:16
    think it's more practical to lay that out
    once and then skip the details later on.
  • 4:16 - 4:21
    And then I will present the three
    protocols that I uncovered in a Peugeot, a
  • 4:21 - 4:27
    Fiat and an Opel vehicle. I will then
    summarize the findings in a series of
  • 4:27 - 4:35
    takeaways and there will be some time for
    questions. Right. So modern vehicles are
  • 4:35 - 4:41
    full of electronics and full of computer
    systems. They operate largely independent.
  • 4:41 - 4:47
    They are all connected through a variety
    of different buses that talk to each other
  • 4:47 - 4:53
    with different protocols. And there is a
    plethora of different standards, ISO
  • 4:53 - 4:59
    standards, all kinds of standards. And
    then the manufacturer wants a lot of
  • 4:59 - 5:05
    freedom to, well, do it in their own way.
    So even if you read these hundreds of
  • 5:05 - 5:12
    pages of standards, still every vehicle
    you will look at will be kind of
  • 5:12 - 5:20
    different. There are some practical
    handles that you can use, and one of them
  • 5:20 - 5:30
    is that every car has a OBD-II port. Yeah,
    this is required by law, both in the US
  • 5:30 - 5:38
    and in Europe for quite some time now. And
    it needs to be conveniently located and
  • 5:38 - 5:45
    that is very near the driver's seat. So
    this is a universal connector and all cars
  • 5:45 - 5:50
    with a combustion engine need to have one.
    And cars with electronic engines also need
  • 5:50 - 5:56
    to have one. But the functionality that
    has to be implemented is much more
  • 5:56 - 6:04
    limited. So in regular internal combustion
    engine powered cars, you have to be able
  • 6:04 - 6:11
    to read out emissions data and that kind
    of stuff. So many manufacturers felt this
  • 6:11 - 6:17
    was a very convenient thing to also use
    for garage purposes, for workshops to read
  • 6:17 - 6:24
    out error codes, to perform all kinds of
    routines on vehicles. You might need to
  • 6:24 - 6:30
    teach new keys to your car if you lost one
    or if you just want a third one. If you
  • 6:30 - 6:36
    add a towbar to your car, you need to tell
    a couple of ECUs in the car that it now
  • 6:36 - 6:42
    has a towbar. Depends on the vehicle, but
    telling this to 5 individual ECUs is not
  • 6:42 - 6:49
    an exception. And since it is a bus, the
    CAN bus, it can be directly addressed
  • 6:49 - 6:54
    through the OBD connector on many vehicles
    and you can talk to a lot of different
  • 6:54 - 6:59
    components. So the ECM, the Engine Control
    Module, is one, the body control module is
  • 6:59 - 7:05
    another. That one controls, for instance,
    powered windows and all kinds of interior
  • 7:05 - 7:14
    stuff, but also the airbag, infotainment
    system, fancy interior lighting, stability
  • 7:14 - 7:22
    control systems. Another feature of it
    being a bus is that you can also see the
  • 7:22 - 7:28
    inter-component communication. So if the
    instrument panel cluster, the dashboard,
  • 7:28 - 7:36
    needs to talk to, say, the body control
    module, you can see that packet going over
  • 7:36 - 7:43
    the CAN bus. All my research has been
    focused on this OBD-II connector and what
  • 7:43 - 7:49
    you can do and what you can see from this
    perspective. Immobilizer systems are
  • 7:49 - 7:56
    nowadays required to be implemented in
    vehicles. Since the late 90s, legislation
  • 7:56 - 8:03
    has been adopted in both the States and
    Europe, mandating the use of an electronic
  • 8:03 - 8:10
    immobilization system. And the purpose, of
    course, was to reduce the risk of theft.
  • 8:10 - 8:17
    This is proven to be effective: According
    to one study, theft rates dropped by
  • 8:17 - 8:26
    almost 40% in, I think, a 7 year span they
    based their data on. This is because car
  • 8:26 - 8:34
    theft used to be quite simple. You could
    just put two wires together and you could
  • 8:34 - 8:39
    power the starting circuit and you could
    actually start the engine. And the
  • 8:39 - 8:45
    immobilizer system adds another step to
    that. The engine control module that
  • 8:45 - 8:51
    finally controls the engine wants to have
    some kind of assurance that the key
  • 8:51 - 8:56
    presented in the system is actually valid
    and does so by validating a security
  • 8:56 - 9:02
    transponder. First generations of these
    security transponders have been widely
  • 9:02 - 9:08
    studied and often were found insecure. Of
    course this is a problem because well, if
  • 9:08 - 9:13
    it's insecure, it doesn't add any security
    and cars can be stolen nonetheless. So
  • 9:13 - 9:18
    there has been kind of an arms race in
    this domain and we see that nowadays
  • 9:18 - 9:24
    security transponders have become a lot
    better. Your car might even use AES to
  • 9:24 - 9:32
    validate that the key you're putting in
    the ignition is an actual key that is
  • 9:32 - 9:38
    recognized by your vehicle. And this is
    really necessary because car thieves have
  • 9:38 - 9:43
    shown to be able to wield quite high tech
    solutions, procure them from shady
  • 9:43 - 9:51
    companies or just use official tools that
    can be used in illegitimate ways. A nice
  • 9:51 - 9:58
    example of this is shown here. For certain
    models of Range Rover, they have a blind
  • 9:58 - 10:04
    spot sensor, so you can see if there is a
    car in your blind spot. And if you pop off
  • 10:04 - 10:09
    a cap, then you can connect a 12V battery,
    power the internal ECUs of the vehicle.
  • 10:09 - 10:15
    Then you can access the CAN bus, put the
    car into key teaching mode and hold a
  • 10:15 - 10:21
    blank key to the window and it will
    program the key and recognize it as a
  • 10:21 - 10:25
    valid key. Well, needless to say, this was
    not intended behavior
  • 10:25 - 10:28
    laughter
  • 10:28 - 10:33
    and this has had consequences for
    consumers. Because insurance companies saw
  • 10:33 - 10:39
    a rise in theft for these models - these
    are quite expensive cars - and they
  • 10:39 - 10:45
    started adding demands before they would
    allow you to insure your car. So the
  • 10:45 - 10:51
    insurance would get more expensive or you
    would not be able to get the insurance if
  • 10:51 - 10:57
    at least at your own home, you couldn't
    park it in a secured area. There is a
  • 10:57 - 11:05
    common misconception about how immobilizer
    systems work, and it's actually one of the
  • 11:05 - 11:10
    reasons I want to give this talk and
    present this, because I think it's
  • 11:10 - 11:17
    important to realize that an immobilizer
    system is a bit more complicated than the
  • 11:17 - 11:23
    single cryptographic step that seems
    logical. So what you might think is that
  • 11:23 - 11:28
    the engine control module sends a
    challenge to the body control module,
  • 11:28 - 11:34
    which communicates with the key. It
    implements the radio layer and it can then
  • 11:34 - 11:41
    relay the challenge to the key. The key
    can compute the proper response based on a
  • 11:41 - 11:47
    secret it shares with ECM, send back the
    response, which the BCM will in turn
  • 11:47 - 11:53
    forward to the ECM. The ECM can verify the
    validity, and if this seems to be the
  • 11:53 - 11:59
    right response, immobilization is
    deactivated and the car can start. Sounds
  • 11:59 - 12:06
    good. Sounds easy, but this is in modern
    cars no longer the case. 'course. What we
  • 12:06 - 12:13
    see is that there is a second step. The
    ECM does an authentication with the BCM.
  • 12:13 - 12:20
    The BCM does an authentication with the
    key. So if your key uses say AES for its
  • 12:20 - 12:28
    authentication, then this will be an AES
    secured authentication between the BCM and
  • 12:28 - 12:34
    the key. The BCM, if it can validate the
    legitimacy of the key, will then send the
  • 12:34 - 12:39
    correct response to the engine control
    module. But this is a whole different
  • 12:39 - 12:45
    protocol, using different cryptographic
    primitives, using different keys,
  • 12:45 - 12:53
    sometimes, often, don't know. And more
    importantly, it has not yet been covered.
  • 12:53 - 12:58
    So in the scientific literature, I have
    found absolutely zero reference of this
  • 12:58 - 13:04
    step being identified. And here and there
    you find a reference that people know that
  • 13:04 - 13:11
    this happens, but no actual analysis of
    the security or the cryptographic
  • 13:11 - 13:19
    primitives involved. Right. So that is an
    open question then and asks for further
  • 13:19 - 13:25
    research. So how do you do that? You can
    sniff CAN traffic from the OBD connector
  • 13:25 - 13:32
    with tooling. And by disconnecting ECUs
    and placing yourself in the middle you can
  • 13:32 - 13:39
    also modify CAN traffic. You can analyze
    this CAN traffic, see if you can find
  • 13:39 - 13:44
    immobilizer-related messages. And of
    course, by the messages, you cannot deduce
  • 13:44 - 13:49
    the algorithm, most of the time. So you
    will need a firmware image or something
  • 13:49 - 13:54
    else you can reverse engineer to actually
    find the code that does the magic stuff.
  • 13:54 - 13:59
    If you have that and if you are able to
    pinpoint where the algorithm is, then you
  • 13:59 - 14:05
    can start looking at if it's actually
    decent. And once you are all there you
  • 14:05 - 14:11
    will want to test if all the assumptions
    you've made on the way are correct and if
  • 14:11 - 14:15
    it's actually working as you think it's
    working. So the first step, protocol
  • 14:15 - 14:20
    identification, is actually quite
    straightforward because you have some
  • 14:20 - 14:26
    knowledge. You know that this is a message
    exchange that happens when you switch the
  • 14:26 - 14:32
    ignition to the on position. And you know
    that there must be at least two high
  • 14:32 - 14:37
    entropy messages because the challenge has
    to be different every time. And the
  • 14:37 - 14:41
    response is the output of some
    cryptographic function. So it may be
  • 14:41 - 14:46
    expected that that looks quite random,
    too. Also, if you switch the ignition on
  • 14:46 - 14:52
    but no valid transponder is present, you
    should be able to detect some kind of
  • 14:52 - 14:56
    difference. And it will probably be the
    very first moment you observe a
  • 14:56 - 15:01
    difference, because before that point, the
    car didn't know there was no valid
  • 15:01 - 15:07
    transponder. So with a bit of fiddling and
    some patience and going through CAN
  • 15:07 - 15:13
    traffic logs, you can probably find this.
    OK. Next step is to get a firmware image
  • 15:13 - 15:19
    in which you hope to be able to find the
    actual cryptographic protocol. So there
  • 15:19 - 15:25
    are several options. Of course you already
    have the firmware, but it's in the
  • 15:25 - 15:31
    microcontroller in an ECU that is either
    lying on your desk or inside some vehicle.
  • 15:31 - 15:38
    So you could try to get it straight out of
    that device. Debugging headers are a good
  • 15:38 - 15:45
    option. You have JTAG, you have BDM, UART
    occasionally can be used, but sometimes
  • 15:45 - 15:50
    these are deactivated. Sometimes it just
    doesn't seem to work. Sometimes the
  • 15:50 - 15:55
    tooling is prohibitively expensive. So if
    that doesn't work, you can always go to
  • 15:55 - 16:00
    the internet. Some manufacturers provide a
    means to download a set of information
  • 16:00 - 16:07
    about the vehicle based on its VIN number.
    You can find all kinds of configurations,
  • 16:07 - 16:13
    you might be able to find actual parts or
    full firmwares, often encrypted, not
  • 16:13 - 16:19
    always. And then there is the tuning
    scene. And while you might think of neon
  • 16:19 - 16:23
    lighting and stuff like that, these guys
    are actually pretty knowledgeable about
  • 16:23 - 16:28
    the internals of engine control modules in
    particular. And you might just be able to
  • 16:28 - 16:35
    find a full firmware image or parts of it
    or some model that is highly related. And
  • 16:35 - 16:40
    this is kind of a viable approach to
    getting your hands on the firmware. But
  • 16:40 - 16:45
    also very practical can be to just
    leverage the functionality that is
  • 16:45 - 16:52
    implemented in the ECU. The ECU allows for
    diagnostic commands such as read memory by
  • 16:52 - 17:00
    address and request upload, which from the
    perspective of an ECU is sending new data.
  • 17:00 - 17:07
    And you might be able to just dump the
    whole firmware or dump memory or dump at
  • 17:07 - 17:14
    least parts of the the internals of the
    ECU. Then there is some kind of mechanism
  • 17:14 - 17:20
    that's called second bootloader. It's a
    sort of standard. Not every manufacturer
  • 17:20 - 17:26
    implements it, but quite some do. That
    allows you to actually send binary code to
  • 17:26 - 17:34
    the ECU. And it then jumps to it. So very
    convenient functionality. It's maybe very
  • 17:34 - 17:39
    painstaking to get it working, but yeah,
    it's basically free code execution. Except
  • 17:39 - 17:43
    for the fact that you often need to
    authenticate before you're allowed to use
  • 17:43 - 17:47
    such functionality. So that might leave
    you with some kind of chicken and egg
  • 17:47 - 17:51
    problem, because you don't know how to
    authenticate, you don't have the algorithm
  • 17:51 - 17:56
    for this authentication. And lastly, there
    are sometimes firmware updates for ECUs
  • 17:56 - 18:03
    and you might be able to use an official
    dealer tool, you might be able to sniff
  • 18:03 - 18:09
    CAN traffic. Multiple ways of trying to
    update the firmware on your ECU
  • 18:09 - 18:13
    reconstructed from the CAN traffic. Once
    more, you have to go through an ISO
  • 18:13 - 18:18
    standard before you understand how it's
    exactly chunked in 8 byte messages, but
  • 18:18 - 18:25
    you'll get there eventually. So once you
    have this firmware, you have to pinpoint
  • 18:25 - 18:30
    the cryptographic algorithm and ECU
    firmwares are typically between half a
  • 18:30 - 18:35
    megabyte and 2 megabytes. And that is a
    lot, if we're talking assembly. And the
  • 18:35 - 18:41
    information density is extremely low. And
    if you have to go through it line by line,
  • 18:41 - 18:47
    it's hardly doable. So you need to have
    some tricks. I think we're at a conference
  • 18:47 - 18:51
    where we've seen a lot of reverse
    engineering. So this is not going to be my
  • 18:51 - 18:56
    focus during this talk, but a couple of
    pointers. Maybe someone is helped by that.
  • 18:56 - 19:01
    Of course, you know the protocol because
    you have observed CAN traffic. So you can
  • 19:01 - 19:07
    search for immediate values, for numerical
    values that are used in the protocol to
  • 19:07 - 19:14
    designate a packet type, for instance. It
    must be in the firmware somewhere. Also,
  • 19:14 - 19:19
    you know that crypto usually uses XOR
    instructions and you would be surprised
  • 19:19 - 19:24
    how little XOR instructions there are in a
    firmware. Depending on the architecture,
  • 19:24 - 19:28
    you might immediately dismiss most of
    those as a single bit flip or maybe
  • 19:28 - 19:34
    inversion of a whole register, and then
    you will find some XORs with either weird
  • 19:34 - 19:40
    constants or variables. So those are
    points to focus on. Lastly, you can make
  • 19:40 - 19:47
    some assumptions on the structure of the
    cryptographic function, so it certainly
  • 19:47 - 19:53
    doesn't do IO, it will not invoke a lot of
    other external functions, maybe some round
  • 19:53 - 19:58
    function once or twice, maybe some
    initialization. It will probably have some
  • 19:58 - 20:04
    loops and you can sometimes recognize the
    length of the challenge. You can sometimes
  • 20:04 - 20:09
    recognize the length of the response. That
    being said, let's dive in the first case
  • 20:09 - 20:16
    study. So I reverse engineered the Peugeot
    207, which is, as I said, not the most
  • 20:16 - 20:22
    recent of vehicles. And this was my test
    setup. It doesn't look like much, but
  • 20:22 - 20:27
    everything that's relevant to me is there.
    And you can toggle the ignition and lights
  • 20:27 - 20:32
    will show and all the ECUs are connected
    through a CAN bus and an OBD connector
  • 20:32 - 20:39
    that you can see on the left side of the
    instrument panel. And I investigated a
  • 20:39 - 20:46
    tool that had a kind of peculiar function
    and that is that you could obtain the
  • 20:46 - 20:51
    vehicle PIN - some kind of secret you
    needed to authenticate for diagnostics -
  • 20:51 - 20:56
    by connecting this tool and toggling the
    ignition a couple of times. So that kind
  • 20:56 - 21:01
    of gives you a hunch that the
    immobilization system might be involved,
  • 21:01 - 21:07
    because it's triggered upon toggling the
    ignition, and that you can derive in some
  • 21:07 - 21:15
    way the vehicle pin from this. So for this
    Peugeot and for most BSA vehicles in
  • 21:15 - 21:21
    general, the PIN is a four digit uppercase
    and numeric code excluding the O and I,
  • 21:21 - 21:27
    because that would be confusing. So that
    leaves us with roughly one point three
  • 21:27 - 21:34
    million keys, which is nothing in terms of
    crypto. I finally reversed the algorithm.
  • 21:34 - 21:41
    It is obviously in the engine control
    module and the body control module. And
  • 21:41 - 21:46
    the main part looked like, oh wait, wait
    for it. And the protocol looks like this.
  • 21:46 - 21:52
    So if you observe CAN traffic, you will
    see that some CAN ID 72. On that ID is
  • 21:52 - 21:59
    sent a message that starts with 00 and
    then followed by a 4 byte challenge. And
  • 21:59 - 22:05
    if the BCM is able to verify that a valid
    key is present, it will respond with 04
  • 22:05 - 22:12
    and a four byte response. So this is a
    very small, straightforward protocol,
  • 22:12 - 22:20
    which, well, does the bare necessary. And
    one of the first things I did was
  • 22:20 - 22:25
    injecting challenges. Just inject a
    challenge, send it to the BCM with a valid
  • 22:25 - 22:30
    key and see what the response is going to
    be. And if I replace the zeros by dots,
  • 22:30 - 22:38
    you see that there's an extremely apparent
    pattern is visible. So the ideal case that
  • 22:38 - 22:46
    a single bit flip in a challenge leads to
    a 50/50 chance of a bit flip in every
  • 22:46 - 22:52
    response bit is not exactly respected. You
    see that the effect of changing the
  • 22:52 - 22:58
    challenge has a very localized effect on
    the response. Another weird feature, which
  • 22:58 - 23:04
    is not very clearly visible here, but it's
    visible in the last one, is that on
  • 23:04 - 23:10
    average, when you give average just random
    challenges, 75% of the bits of the
  • 23:10 - 23:16
    response will be set. So that is a very,
    very heavy bias. And it was quite puzzling
  • 23:16 - 23:23
    to me what kind of cryptographic primitive
    would exhibit such behavior. And then it
  • 23:23 - 23:31
    became clear. this is the main function of
    the algorithm and there is a transform
  • 23:31 - 23:37
    function that I left out, but it basically
    does some multiplication, some division,
  • 23:37 - 23:43
    some modulo, mathematical operations, It
    splits the challenge in two parts and it
  • 23:43 - 23:50
    splits the vehicle PIN, so the secret in
    two parts. And the total of four parts are
  • 23:50 - 23:56
    all used as inputs for this transform
    function and we obtain a challenge
  • 23:56 - 24:02
    transformed left challenge transformed
    right and similarly for the PIN a left and
  • 24:02 - 24:08
    right transformed part. And then something
    interesting happens because the left
  • 24:08 - 24:15
    transformed part of the challenge is ORed
    with a part of the PIN. And an OR
  • 24:15 - 24:25
    operation will lead to a, well, on average
    75% set result. So that kind of explains
  • 24:25 - 24:34
    the weird behavior we saw before. Strange
    and maybe not so smart, because an
  • 24:34 - 24:42
    adversary will be able to either control
    or observe the challenge that is used as
  • 24:42 - 24:48
    input for this algorithm. So if you know
    the challenge, you know the transform
  • 24:48 - 24:52
    challenge, and if you know to transform
    challenge, you know something about the
  • 24:52 - 25:00
    output. Because if the transform challenge
    has a one bit, then the response will have
  • 25:00 - 25:06
    a one bit in that same position. There is
    another property for the transform
  • 25:06 - 25:10
    function, and that is that if the input is
    a zero, the further parameters of
  • 25:10 - 25:16
    transform vary a bit, but it doesn't
    affect this property: if the input is a
  • 25:16 - 25:22
    zero, the output is a zero. So that gives
    us that if you have a challenge of all
  • 25:22 - 25:28
    zeros, you will obtain a transform
    challenge of all zeros. And that means
  • 25:28 - 25:34
    that when you're doing the OR you're ORing
    with nothing and the response will be
  • 25:34 - 25:41
    entirely determined by the transformed
    PIN. Then another property is that the
  • 25:41 - 25:48
    PIN, which is an alphanumeric PIN, is
    invertable once. Let me restart.
  • 25:48 - 25:58
    Transform: If it takes a PIN as input,
    then the output can be inverted. There is
  • 25:58 - 26:05
    only one PIN part input that maps to one
    output of the transform function. So if
  • 26:05 - 26:10
    you are able to supply the vehicle with a
    challenge of zeros, you will get one
  • 26:10 - 26:15
    response and you can uniquely identify the
    secret of the car, the PIN. And this PIN
  • 26:15 - 26:19
    can later be used to, for instance,
    authenticate for diagnostics or key
  • 26:19 - 26:24
    teaching or whatever you want. If you're
    not able to control the challenge, you can
  • 26:24 - 26:29
    just collect a couple of random challenge
    responses and you will still have the PIN.
  • 26:29 - 26:35
    So that's bad. What's worse is that there
    are a lot of collisions because the bits
  • 26:35 - 26:42
    that are set in the challenge transformed
    will hide the bits that are set in the PIN
  • 26:42 - 26:50
    transformed. So a challenge transformed
    with a lot of ones set will accept a lot
  • 26:50 - 26:56
    of different PINs as proper input and
    result in the same response. So there is a
  • 26:56 - 27:02
    quite simple attack we can mount here and
    that is that we get a challenge from the
  • 27:02 - 27:08
    car without a valid key present and we
    then compute for that challenge for all
  • 27:08 - 27:14
    PINs what response it would yield. And you
    will see that some PINs, sorry, some
  • 27:14 - 27:19
    responses are generated by a lot of
    different PINs. It could easily be two-,
  • 27:19 - 27:24
    three thousand PINs resulting in the same
    challenge. So you choose the most probable
  • 27:24 - 27:29
    response and you send it and either the
    ECU accepts it and disables immobilization
  • 27:29 - 27:35
    or it doesn't. And if it doesn't accept
    it, then you know for three thousand pins
  • 27:35 - 27:41
    that it was not that. In general this
    takes far less than 4000 attempts and and
  • 27:41 - 27:48
    far less than 15 minutes. I don't know
    exactly. I've tried it a couple of times
  • 27:48 - 27:54
    and I've been able to deactivate
    immobilization, I'd say, 3 minutes once,
  • 27:54 - 28:00
    maybe 10 minutes once. And after that, if
    you toggle the ignition switch, the car
  • 28:00 - 28:08
    will actually start without transponder
    present. So. That was not so good. Next
  • 28:08 - 28:16
    case is the Fiat I investigated, the
    Grande Punto and I reverse engineered the
  • 28:16 - 28:22
    BCM. It's based on the NEC V850
    architecture, which is a nice 32 bit RISC
  • 28:22 - 28:30
    architecture, pretty readable, pretty fair
    information density. But still, I couldn't
  • 28:30 - 28:35
    really figure out what the actual crypto
    part was. So I also investigated an engine
  • 28:35 - 28:42
    control module. Surprisingly, I was able
    to find it there. And then I immediately
  • 28:42 - 28:48
    went back to the V850 because that at
    least is readable code. Protocol is as
  • 28:48 - 29:00
    follows: It has a 32 bit challenge, then a
    4 bit - sorry - 4 byte challenge, then a 2
  • 29:00 - 29:06
    byte proof of knowledge. And that's an
    interesting feature, because that way the
  • 29:06 - 29:11
    engine control module proves to the body
    control module that it actually has
  • 29:11 - 29:17
    knowledge of the key. So you can not just
    spam a challenge and get a get a response
  • 29:17 - 29:23
    for that. You have to prove that you know
    the secret. And then you get back a 2 byte
  • 29:23 - 29:30
    response. And if that is correct, the ECM
    accepts it and the car can start. And this
  • 29:30 - 29:38
    very well, seemingly nice security feature
    that there is a proof of knowledge of the
  • 29:38 - 29:45
    key is actually the flaw in this system,
    as it turns out. The cipher is a linear
  • 29:45 - 29:50
    feedback shift register based cipher. It
    initializes the states with the key, XORed
  • 29:50 - 29:56
    with the challenge, XORed with some
    constant. And then it does 38 rounds. If
  • 29:56 - 30:00
    you don't know what an LFSR is I'll tell
    you in the next slide. Then it generates
  • 30:00 - 30:06
    the proof. That is 12 rounds, actually 12
    bits output. And if you look back in the
  • 30:06 - 30:12
    protocol, you actually see that the first
    nibble is indeed a zero. So it's not 16
  • 30:12 - 30:17
    bits, but it's only 12 bits. After
    generating the proof, it loads an
  • 30:17 - 30:23
    additional 16 bit constant and then
    generates the 14 bit response. This is a
  • 30:23 - 30:29
    very standard construction in crypto and
    there is a fairly standard attack to it.
  • 30:29 - 30:40
    So what you see here is an LFSR, it's a 32
    bit register and it operates in ticks. So
  • 30:40 - 30:45
    it is loaded with this initial secret
    state at the beginning of the algorithm
  • 30:45 - 30:56
    and each tick it takes 4 bits and they are
    XORed together. Then the whole register
  • 30:56 - 31:02
    shifts one position to the left. So bit 0
    goes to bit 1, 1 to 2, etc. Bit 31 shifts
  • 31:02 - 31:10
    out and the previously computed XOred bit
    is shifted in in the 0 position. So that
  • 31:10 - 31:16
    way it cycles and continuously updates its
    internal state. And then there is an
  • 31:16 - 31:23
    output function that takes 8 bits of input
    and each tick it computes one bit from an
  • 31:23 - 31:30
    8 bit input, and on the lower left you can
    see the output generation table. So it
  • 31:30 - 31:37
    kind of just counts through this. And if
    the eight bits together add up to say A2,
  • 31:37 - 31:44
    then you pick bit position A2 in this
    table and that is then the bit that is
  • 31:44 - 31:53
    being generated as proof or response bit
    during that round. Now what we see here is
  • 31:53 - 32:01
    that there is actually 8 bits of the LFSR
    that determine the output bit. And of
  • 32:01 - 32:13
    these 8 bits they generate 256 different
    values. Now there are 256 different
  • 32:13 - 32:19
    combinations and only half will generate
    the observed output bit. So that means
  • 32:19 - 32:25
    that 128 different options may be valid
    options for these 8 bits to generate a
  • 32:25 - 32:30
    response or a proof that we have observed
    earlier. And that is pretty interesting.
  • 32:30 - 32:38
    And you can use that to construct a guess
    and determine attack. Which means that you
  • 32:38 - 32:44
    make an assumption on the internal state.
    We have 128 candidate internal states. And
  • 32:44 - 32:50
    then we do a round. So we shift the
    guessed bits one position to the left. We
  • 32:50 - 32:56
    do the feedback function and then we are
    going to evaluate the second bit that was
  • 32:56 - 33:01
    generated. For the second bit we already
    have some knowledge, because we made
  • 33:01 - 33:09
    assumptions earlier. So the green squares
    designate the bits that we already know.
  • 33:09 - 33:17
    And you see that throughout the rounds,
    each round you can eliminate half the
  • 33:17 - 33:21
    candidates, because they generate the
    wrong output bit. And you need to guess
  • 33:21 - 33:29
    less and less bits in order to to fill in
    the state. And this continuous elimination
  • 33:29 - 33:36
    of half the candidate states makes this
    far more efficient than just a brute force
  • 33:36 - 33:42
    attack. The total complexity of this
    attack is 2^21, which is orders of
  • 33:42 - 33:52
    magnitude less than mounting a brute force
    attack. Right. So that's OK. That is
  • 33:52 - 33:58
    fairly standard stuff in crypto. Now,
    there is a big problem in the way they
  • 33:58 - 34:04
    implemented this, because they did some
    secret reuse. And the secret that is being
  • 34:04 - 34:12
    used to generate the proof is in some
    mangled way the vehicle PIN. If you take
  • 34:12 - 34:19
    this 32 bit secret input value and you
    take the 5 rightmost nibbles and then
  • 34:19 - 34:24
    transform the letters into numbers and
    then replace the zeros by sevens, then you
  • 34:24 - 34:32
    get a 5 digit number and that number is
    the PIN. So what we have now is an attack
  • 34:32 - 34:38
    that observes a couple of challenges
    together with their proof of knowledge,
  • 34:38 - 34:45
    which is always there, and you get it for
    free when you just power the ECU, and you
  • 34:45 - 34:51
    run an attack on that. That takes, well,
    my not so optimized implementation takes 6
  • 34:51 - 34:58
    seconds on a single core. You can probably
    do better. Runs in seconds. And what you
  • 34:58 - 35:05
    get is the PIN. So you can still not
    authenticate towards the ECM, but you do
  • 35:05 - 35:09
    get the pin which you can then use to
    authenticate for diagnostic services, you
  • 35:09 - 35:13
    can, maybe, read memory, you can, maybe,
    reprogram stuff, you can, maybe,enter key
  • 35:13 - 35:23
    teaching mode. There is absolutely ways to
    leverage this and, well, get the car to
  • 35:23 - 35:34
    start. The 3rd case I investigated was an
    Opel Astra H. And I've decided to skip the
  • 35:34 - 35:38
    crypto parts in this one because I
    couldn't break it and I wouldn't want to
  • 35:38 - 35:44
    bore you with a fairly complicated
    algorithm and then not present an attack.
  • 35:44 - 35:48
    If you're interested, it's in my thesis so
    you can look it up. But there is still
  • 35:48 - 35:56
    some funny things to point out here. I
    reverse engineered an ECM that was based
  • 35:56 - 36:04
    on a PowerPC architecture microcontroller.
    And that is very nice because there is a
  • 36:04 - 36:11
    decompiler for that. And IDA Pro will
    nicely transform the assembly into
  • 36:11 - 36:18
    somewhat accurate, somewhat readable C
    code. That was good, but it was not
  • 36:18 - 36:27
    enough. So I purchased some tool to use
    the BDM interface of this ECU which was
  • 36:27 - 36:33
    active and usable. And it took me a lot of
    time to get the tools working, because
  • 36:33 - 36:37
    virtual machines were not okay, etc etc. I
    installed Windows and did crazy stuff. And
  • 36:39 - 36:44
    then I was able to read memory, modify
    registers on the actual ECU, and that
  • 36:44 - 36:52
    helped a great deal in debugging and
    finding the actual functions. So this is
  • 36:52 - 36:59
    the protocol that I found. It has a 2 byte
    opcode, then 2 bytes status data, then a 4
  • 36:59 - 37:03
    byte challenge. And similarly 2 byte
    opcode for the response, 2 byte status
  • 37:03 - 37:14
    data, 4 byte response. No proof of
    knowledge here. Just a 32 bit to 32 bit
  • 37:14 - 37:20
    challenge-response authentication. And
    what was funny when I finally uncovered
  • 37:20 - 37:27
    the algorithm is that this is not an
    algorithm that was designed by Opel. It is
  • 37:27 - 37:34
    an algorithm that is used by a security
    transponder. It is used by the PCF7935
  • 37:34 - 37:40
    security transponder, which is the
    predecessor of high tech II, which you may
  • 37:40 - 37:48
    be familiar with it. It uses a 128 bit
    secret. So that is really, really big
  • 37:48 - 37:54
    secret, and a 32 bit internal state. When
    I saw that 32 bit internal state, I was
  • 37:54 - 38:01
    like, OK, this is going to be doable. It
    wasn't. Because it does a lot of rounds
  • 38:01 - 38:06
    between output moments. Not as in the FIAT
    case, one round, one bit output. It does
  • 38:06 - 38:12
    34 rounds and then it outputs two bits and
    then it does another 34 rounds and two
  • 38:12 - 38:20
    more bits. And during these 34 rounds, it
    mixes the whole 128 bit secret key into
  • 38:20 - 38:24
    the state. There is so much distance
    between these moments that it is very,
  • 38:24 - 38:31
    very hard to relate any of this
    information or any usable assumption that
  • 38:31 - 38:40
    survives so much new mixing of
    information. I did my best. I found some
  • 38:40 - 38:44
    stuff. Nothing that is usable to mount an
    attack. You can read my thesis if you're
  • 38:44 - 38:53
    interested in the details. I found it
    funny to find an implementation of a
  • 38:53 - 38:58
    security transponder in an engine. While
    I, In the beginning of this talk pointed
  • 38:58 - 39:03
    out that the engine doesn't talk with the
    transponder. So I went back in time and I
  • 39:03 - 39:11
    analyzed another vehicle, a Corsa Model C
    and found that this was different. This
  • 39:11 - 39:17
    car had indeed an engine that talks with
    the key. And what probably happened is
  • 39:17 - 39:23
    that they wanted to decouple development
    of engines and development of cars so they
  • 39:23 - 39:27
    could upgrade security transponders
    without replacing their engines or
  • 39:27 - 39:33
    replacing their engine firmwares. So I
    think that is how this happened and why
  • 39:33 - 39:39
    they just decided to well, then implement
    the security transponder and emulate it in
  • 39:39 - 39:44
    the body control module towards the
    engine. It seemed like a convenient
  • 39:44 - 39:50
    solution, I guess. It is by far the
    strongest algorithm I have encountered in
  • 39:50 - 39:55
    these three case studies. And while it is
    out of scope because I limited myself to
  • 39:55 - 40:00
    the actual cryptographic primitives, I
    felt the need to point out that the random
  • 40:00 - 40:09
    number generator is really not very good.
    They use the tick counter of the CPU as
  • 40:09 - 40:13
    source of randomness and then they use a
    couple of constants that, if you google
  • 40:13 - 40:24
    them, direct you to the Netscape random
    number generator. So summing it up: We
  • 40:24 - 40:31
    found that Peugeot used a tiny key space
    with only 1.3 million different possible
  • 40:31 - 40:40
    PIN codes. They leak a lot of information
    in the response. If you can inject a zero
  • 40:40 - 40:45
    challenge, you immediately get the full
    secret. It has a lot of collisions, which
  • 40:45 - 40:54
    makes it really not very robust against an
    adversary. Fiat has a schoolbook algorithm
  • 40:54 - 41:01
    and it's vulnerable to schoolbook attack.
    It's a nice idea to implement neutral
  • 41:01 - 41:08
    authentication, but it doesn't really work
    in this context. And worse, they reuse
  • 41:08 - 41:15
    that part of the secret as the vehicle PIN
    as opposed to using the other part of the
  • 41:15 - 41:21
    secret that is used to generate a
    response. If that would have been the
  • 41:21 - 41:28
    vehicle PIN I would not have been able to
    mount this attack. And lastly, Opel
  • 41:28 - 41:34
    decided to clone an obsolete security
    transponder. The successor, high tech II,
  • 41:34 - 41:42
    was desperately broken. This one wasn't.
    Not by me. I have a master's degree, not
  • 41:42 - 41:47
    in cryptanalysis. I'm not convinced that
    it's a secure transponder, but it is
  • 41:47 - 41:52
    certainly better than the other two I
    analyzed. And also interesting is that all
  • 41:52 - 41:59
    these three systems are still around in
    new vehicles. Maybe not all models, but
  • 41:59 - 42:05
    they're still being manufactured. So I am
    curious to see how this relates to other
  • 42:05 - 42:13
    manufacturers, other models. And I think
    it would be interesting to, well, do some
  • 42:13 - 42:19
    further research in this domain and see
    what else is out there. So to finish with
  • 42:19 - 42:26
    a few takeaways. Don't do your own crypto.
    It's often said and repeated. You are
  • 42:26 - 42:32
    going to mess it up. Just use standardized
    cryptographic components and maybe try to
  • 42:32 - 42:38
    get people that are actually security
    experts to implement it instead of hoping
  • 42:38 - 42:45
    for the best. Don't reuse secrets. These
    two case studies revealed that reuse of
  • 42:45 - 42:51
    secret made the attack much more powerful
    than it needed to be. Minimize the number
  • 42:51 - 42:54
    of cryptographic protocols and
    cryptographic primitives that you're
  • 42:54 - 43:01
    using. The more different primitives, the
    more attack surface you create for an
  • 43:01 - 43:07
    adversary. And lastly, as I mentioned
    before, there has been an arms race in
  • 43:07 - 43:12
    transponder security. How is it possible
    that a modern car key may be equipped with
  • 43:12 - 43:20
    AES or other fairly secure cryptographic
    features, and these protocols that date
  • 43:20 - 43:27
    from 1995 and such are still there, not
    replaced. Apparently no one either figured
  • 43:27 - 43:35
    it out or there are other very important
    reasons to just leave them there. So I
  • 43:35 - 43:40
    hope that was interesting. Maybe
    entertaining and I'll happily take any
  • 43:40 - 43:47
    questions you have for me.
  • 43:47 - 43:48
    applause
  • 43:48 - 43:52
    Herald: Bedankt Wouter Bokslag. Thank you.
    You know the game if you have questions -
  • 43:52 - 43:59
    oh, we already have questions. There are
    microphones, microphones number 1 to 7 and
  • 43:59 - 44:05
    2 to 8. And the Internet has questions
    already. So we start with the Internet.
  • 44:05 - 44:09
    Internet, please.
    Signal Angel: Why don't make cars more use
  • 44:09 - 44:14
    of rings of security or layers or
    permissons system?
  • 44:14 - 44:21
    Wouter: Oh, well, this is embedded
    security. This is not a PC or smartphone
  • 44:21 - 44:27
    security. It's embedded security. And I
    think automotive manufacturers do their
  • 44:27 - 44:34
    best, but this is just not their game. And
    yeah, there is plenty of ways you could do
  • 44:34 - 44:41
    this in a more secure manner. But they
    didn't. I cannot really say, why not do it
  • 44:41 - 44:47
    better? Of course they should do it
    better. But I think it's understandable
  • 44:47 - 44:53
    that they may be a bit behind on this game
    that is relatively new to them.
  • 44:53 - 44:57
    Herald: Thank you. And microphone number
    one.
  • 44:57 - 45:03
    Q: Hi. Amazing work, but I have a
    question. Did you find any simpler, more
  • 45:03 - 45:09
    entertaining mistakes like storing the PIN
    in the open, in other components in the
  • 45:09 - 45:13
    car?
    Wouter: Well yeah, I did do some other
  • 45:13 - 45:18
    stuff besides the 3 cases I presented
    here. I also investigated some
  • 45:18 - 45:24
    authentication mechanisms for diagnostic
    functionality and I didn't put them in my
  • 45:24 - 45:30
    thesis because it's nice to have a clear
    message and a clear line of research. But
  • 45:30 - 45:37
    I've seen authentications that are really
    pretty hilarious, such as challenge -
  • 45:37 - 45:48
    secrets - subtract - response.
    Herald: Answered? I think this is a yes.
  • 45:48 - 45:54
    Microphone number 2, please.
    Q: Hey, thank you for the talk. Two short
  • 45:54 - 45:58
    questions. How did you specifically choose
    those two cars, those three cars, and
  • 45:58 - 46:05
    which parts or are parts of these flaws
    fixable in later firmware, bootloader,
  • 46:05 - 46:10
    software, coding, update, whatever?
    Wouter: Yeah, Okay. I chose these cars
  • 46:10 - 46:17
    mainly by availability. I didn't really
    cherry pick models. It was just that at
  • 46:17 - 46:23
    the place where I was doing my internship
    then, I was, I had some platforms to play
  • 46:23 - 46:27
    around with. You have seen my very
    professional PSA setup, that was the most
  • 46:27 - 46:35
    professional I had. So yeah, this is what
    I had. And since I in the end found that
  • 46:35 - 46:43
    they are still relevant right now, I think
    that wasn't really harmful in any way. It
  • 46:43 - 46:48
    turns out to be a good choice. Your second
    question was?
  • 46:48 - 46:53
    Q: Can those flaws be fixed in an update?
    Wouter: Oh yes. Well, in some sense,
  • 46:53 - 47:00
    except that there is no real
    infrastructure to roll out updates. So all
  • 47:00 - 47:03
    the cars that are out there, I don't think
    they are going to recall them to update
  • 47:03 - 47:04
    firmwares.
    Q: But normal servicing...
  • 47:04 - 47:13
    Wouter: Yeah, yeah, you can do that. It
    takes time. So it doesn't incur costs for
  • 47:13 - 47:18
    the manufacturer. But what you could do,
    for instance, is just use timeouts in the
  • 47:18 - 47:27
    PSA case and make sure it's not too easy
    to try lots of authentication attempts.
  • 47:28 - 47:33
    It's not a fix because it doesn't really
    fix it. But well, it's certainly a
  • 47:33 - 47:39
    mitigation. It somewhat limits the impact.
    In the Fiat case, it's a bit harder
  • 47:39 - 47:45
    because you cannot really change an entire
    algorithm because there's different
  • 47:45 - 47:49
    engines. And yeah, I think that would be
    quite a hassle. You really have to change
  • 47:49 - 47:52
    your protocol there.
    Q: Thank you.
  • 47:53 - 47:55
    Herald: Thank you. Microphone number five,
    please.
  • 47:55 - 48:01
    Q: Are the secrets unique per car? And if
    so, how do you handle the case when one of
  • 48:01 - 48:06
    the units has to get replaced?
    Wouter: Yeah. The secrets are unique for
  • 48:06 - 48:16
    car and replacement frequently involves a
    procedure to couple the new ECU in the
  • 48:16 - 48:21
    current system. And you just have to put
    the ECU there, connect to the ECU and
  • 48:21 - 48:25
    enter the vehicle pin. So that is quite
    probably also the reason that they reused
  • 48:25 - 48:30
    a secret, because if you use a different
    secret, you have to have some kind of
  • 48:30 - 48:37
    complicated secret sharing protocol that
    well, brings the new ECU up to speed with
  • 48:37 - 48:40
    the key material that's being used inside
    the vehicle.
  • 48:40 - 48:45
    Herald: Thank you. Microphone number one,
    please.
  • 48:45 - 48:53
    Q: Hello. So what I'm struggling to
    understand here is why there was the need
  • 48:53 - 48:59
    to decouple the communication in the first
    place and just split it in two. I can
  • 48:59 - 49:03
    guess that is so that the ECU can be
    trained on new keys. But then isn't it
  • 49:03 - 49:08
    easier to just, you know, instead of
    training like the ECU and telling it: Hey,
  • 49:08 - 49:15
    this is the new key's key. Just load the
    ECU's key on the new transponder.
  • 49:15 - 49:19
    Wouter: So if I understand your question
    correctly is that you wonder why we need
  • 49:19 - 49:25
    two different authentication systems, one
    for the key to BCM and one for the engine
  • 49:25 - 49:29
    to BCM and not use the simple model of
    having the key talk to the engine control
  • 49:29 - 49:30
    module.
    Q: That's correct.
  • 49:30 - 49:34
    Wouter: All right. You have to understand
    that engine development is done by
  • 49:34 - 49:41
    different companies and the same engine
    may be used in various different vehicles,
  • 49:41 - 49:49
    maybe even from completely different
    ranges. And it is complicated to give
  • 49:49 - 49:56
    these cars a different firmware. So it's
    definitely possible. But they just want to
  • 49:56 - 50:00
    build an engine and build a car and have
    it work together. And another car with the
  • 50:00 - 50:07
    same engine should also work. So it's, ...
    it has to do with their process of
  • 50:07 - 50:14
    developing vehicles.
    Q: But then shouldn't also, I mean, I'm
  • 50:14 - 50:20
    assuming that the part that talks to the
    transponder and talks to the engine still
  • 50:20 - 50:27
    has to match the engine communication
    protocol anyway. So, I mean, doesn't the
  • 50:27 - 50:32
    car producers still have to match the
    engine protocol anyway at some points
  • 50:32 - 50:35
    anyway, so why just not implement it on
    the key in the first place?
  • 50:35 - 50:39
    Wouter: Yeah. Well, this is all
    speculation from my side as well. I have
  • 50:39 - 50:46
    no inside information as to why they did
    this. But yeah, I can imagine ways that
  • 50:46 - 50:54
    they could fix this and they don't do it.
    And my experience is that generally this
  • 50:54 - 51:00
    has to do with legacy and compatibility
    issues. They could also just embed five
  • 51:00 - 51:06
    algorithms in the BCM or the engine
    control module and just by configuration
  • 51:06 - 51:11
    choose the one that fits for that vehicle.
    I have no idea why they don't do that. But
  • 51:11 - 51:15
    once again, these are not software
    companies. These are automotive companies.
  • 51:15 - 51:19
    Q: Awesome. Thanks.
    Herald: Thank you. Microphone number
  • 51:19 - 51:23
    three, please.
    Q: Thank you for the great talk. Once we
  • 51:23 - 51:30
    have the OBD connected to the Internet and
    do you see any other complication that
  • 51:30 - 51:34
    could prevent me to park the car remotely
    from there?
  • 51:34 - 51:43
    Wouter: OBD connected to the Internet...
    Now well, no. Why? Once you have OBD
  • 51:43 - 51:53
    access so you can use the OBD port you can
    do a lot. There are cars that use a
  • 51:53 - 51:59
    gateway that is some kind of filter or you
    have to authenticate towards it before you
  • 51:59 - 52:03
    can access the internals of the vehicle.
    So it really depends on the model. It
  • 52:03 - 52:08
    depends on the manufacturer to which
    extent you have room to maneuver there.
  • 52:08 - 52:13
    For some, it would be super easy, for some
    it would be a lot of work. For some, it
  • 52:13 - 52:17
    might be impossible. But you certainly
    have a very, very good starting point.
  • 52:17 - 52:21
    Q: Thank you.
    Herald: Microphone number one, please.
  • 52:21 - 52:27
    Q: Hello. Did you spot any kind of anti-
    brute force measures during your analyses?
  • 52:27 - 52:31
    That's the question number one. And
    question number two is: Obviously you had
  • 52:31 - 52:36
    access to the internal communication
    between the BCM and ECM, but were those
  • 52:36 - 52:42
    attacks successful on Fiat and Peugeot,
    are they doable using just the OBD-II
  • 52:42 - 52:47
    port? Or do you actually need to see the
    internal communications?
  • 52:47 - 52:53
    Wouter: I tried to point out in the
    beginning of my talk that I carry out all
  • 52:53 - 52:59
    the attacks presented and I focused only
    on functionality that is exposed through
  • 52:59 - 53:05
    OBD. So, yes, I did some stuff on the
    hardware of the ECUs, but that was just
  • 53:05 - 53:10
    for research. So the attacks are
    absolutely doable over OBD.
  • 53:10 - 53:17
    Q: OK, and the previous question there,
    which was already partially answered.
  • 53:17 - 53:21
    Wouter: Yes.
    Q: So no, like, locking out after five
  • 53:21 - 53:27
    failed trials?
    Wouter: I did find something that was
  • 53:27 - 53:37
    peculiar in the PSA case, and that is that
    if you... let me think. There is rate
  • 53:37 - 53:46
    limiting implemented in the PSA on the
    engine control module. Is that right? No,
  • 53:46 - 53:52
    on the body control module. And that means
    that if you spam challenges, it will at
  • 53:52 - 53:57
    some point no longer give you the
    response, which sounds like a good idea,
  • 53:57 - 54:02
    right? Rate limiting. But they did it on
    the wrong side.
  • 54:02 - 54:06
    Q: Okay, great. Thank you.
    Herald: Thank you. Microphone number two,
  • 54:06 - 54:09
    please.
    Q: Have you spotted some kinds of
  • 54:09 - 54:13
    relationship between this, like public
    identifier of the car and the secret used
  • 54:13 - 54:21
    to authenticate in the service?
    Wouter: Yeah, so if the VIN in some ways
  • 54:21 - 54:29
    could be converted in the secret, the PIN
    code of the car. No, I see where you're
  • 54:29 - 54:32
    headed, but I haven't spotted anything
    like that.
  • 54:32 - 54:35
    Q: Okay. Thanks.
    Herald: Questions from the Internet?
  • 54:35 - 54:41
    Signal Angel: No more.
    Herald: No more. In this case, ladies and
  • 54:41 - 54:59
    gentlemen, bedankt Wouter Bokslag. Thank
    you very much.
  • 54:59 - 55:13
    applause
  • 55:13 - 55:16
    postroll music
  • 55:16 - 55:20
    Subtitles created by many many volunteers and
    the c3subtitles.de team. Join us, and help us!
Title:
36C3 - Vehicle immobilization revisited
Description:

more » « less
Video Language:
English
Duration:
55:20

English subtitles

Incomplete

Revisions Compare revisions