Abstract
Immobilizer and remote keyless entry (RKE) systems are widely used in the auto industry to improve the security and comfort. However, most of them have vulnerabilities which allow to recover the cryptographic key. In this paper, we present attacks to break the Hitag2-based immobilizer and RKE systems. These attacks require only several minutes of computation on a laptop after obtaining four to eight valid authentication traces, i.e., authentication messages between the immobilizer and the electronic key or rolling codes of the key. The attack on the immobilizer system can fully recover the cryptographic key which allows an adversary to authenticate to the vehicle and start the engine. The attack on the RKE system can determine the state of the last rolling code and predict the next rolling code. This allows an adversary to open the door quickly without leaving any physical traces. A combination of these two attacks provides the ability to open the door and start the engine of a Hitag2-based vehicle in minutes at a very low cost.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
