Status
Not open for further replies.
1 - 20 of 106 Posts

·
Registered
Joined
·
11 Posts
Discussion Starter · #1 ·
Would the Prius be more of a target now with the high price of fuel?

High-tech thieves are becoming increasingly savvy when it comes to stealing automobiles equipped with keyless entry and ignition systems. While many computer-based security systems on automobiles require some type of key — mechanical or otherwise — to start the engine, so-called ‘keyless’ setups require only the presence of a key fob to start the engine.

rest here http://www.leftlanenews.com/2006/05/03/ ... teal-cars/
 
G

·
That article sounds like total BS. Actually I don't think the writer knows what he's talking about.

For example:

What would "Tim Hart of the Auto Locksmith Association" know about modern encryption locks? Probably nada unless he's also a cryptologist, but it's not the "cryptology association."

QUOTE:
“At key steps the car’s software can halt progress for up to 20 minutes as part of its in-built protection,” said Hart. Because the decryption process can take a while — up to 20 minutes, according to Hart —"

That's a misunderstanding.

What an electronic lock does is freeze for a period like 20 minutes and stop listening to unlock requests if it detects repeated wrong unlock codes or "hacking." So, if someone tried to "hack" the Prius key the Prius would freeze up after a few seconds of trying, and they'd have to wait 20 minutes before continuing. Then the Prius would detect those attempts and freeze up again for another 20 minutes. At that rate it would take forever to crack the code because you'd only get a few seconds of trying every 20 minutes.

Modern encryption uses extremely long prime numbers for keys. 56 bit keys are standard. 56 bit = 72 quadrillion, or 72,057,594,037,927,936, possibilities, and there are no shortcuts, only brute force; i.e. to try them one by one.

The maker of RSA encryption regularly hosts competitions to see if people can crack 56 bit keys for a $10K prize. Last competition it was cracked so people are concerned it might not be strong enough for business secrets. However, to keep that in perspective it took 4000 teams of computer and cryptography people working in concert on tens of thousands of computers networked over 210 days to crack 56 bit.

Petty crooks with a laptop cracking modern encryption in 20 minutes? Impossible.

It would literally be easier to jack it up and roll it into a trailer truck and drive off or attempt to break open the engine mechanically on the street and rebuild the entire ignition which is not a trivial job. There is no chance that will be done for a Prius. I don't even see how it would be profitable/feasible for a Rolls Royce unless it was left in an isolated field or something.
 

·
Registered
Joined
·
18 Posts
Excellent description, labbit.

Do you know for a fact that the security built into the Prius only accepts a few wrong codes and then 'locks up' for 20 minutes before receiving any more unlock requests? This seems like a brilliant idea and the most logical solution to this problem, but I was just curious where you found this info. Is it in your manual?

I don't mean to discredit you, but am just concerned. I totally understand your calculations (I'm in IT) and will be a new Prius owner in a week so I'm just curious :)
 

·
Registered
Joined
·
7,161 Posts
Also the lock is rolling code, where there's an algorithm to determine the next sequence. I doubt the algorithm makes every possible code an actual valid code that would be presented by a fob.

There was an experiment done with trying to crack rolling code RFID security as well as fixed code security. It took much longer than 20 minutes, and it took quite a bit of computing power to use brute force, but it wasn't impossibly long.
 
G

·
puppetmasta said:
Do you know for a fact that the security built into the Prius only accepts a few wrong codes and then 'locks up' for 20 minutes before receiving any more unlock requests?
I read somewhere that the Prius has a temporary lockout feature if it detects hacking. That's typical to prevent brute force hacks.

DanMan32 said:
Also the lock is rolling code, where there's an algorithm to determine the next sequence. I doubt the algorithm makes every possible code an actual valid code that would be presented by a fob.
The way that usually works is the key and lock during the handshake agree on which secret code will be transmitted based on an algorithm stored secretly on both sides. The code is transmitted, verified, and then not used again. If there is an error it tries again with a different code.

DanMan32 said:
There was an experiment done with trying to crack rolling code RFID security as well as fixed code security. It took much longer than 20 minutes, and it took quite a bit of computing power to use brute force, but it wasn't impossibly long.
40 bit encryption is “only” about a trillion possible codes and it’s possible to crack but extremely difficult. There are also 48 bit keys which are 256x more difficult still, and there are higher bit keys like 128 which are basically impossible to crack. Not sure what the Prius uses but even if it's "only" 40 bit that's still a lot of security.


The people worrying about this kind of stuff seem to be ignoring the amount of trouble it takes, the computing power, the skill, and relative ease with which regular key cars can be broken into and stolen with something as simple as a punch drill or even a screwdriver. It’s like worrying that parking your Prius inside a bank vault isn’t safe enough because vaults can still be robbed.

Anyone who has the hardware and brains to even begin attempting to crack an encrypted lock should easily get a mid to high 6 digit salary job or go after more lucrative targets.
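
The rolling code and temporary lockout described in the posts above, as an added example that is not part of the original thread and is not Toyota's scheme. The truncated-HMAC code generator, the 40-bit width, the look-ahead window and the three-strike limit are all assumptions; it models online guessing only, not a weakness in the algorithm itself.

```python
import hashlib
import hmac

CODE_BITS = 40        # assumed code width; the thread does not know the Prius value
WINDOW = 16           # assumed look-ahead for fob presses made out of range
MAX_FAILS = 3         # assumed wrong codes tolerated before the freeze
LOCKOUT_S = 20 * 60   # the 20-minute freeze discussed in the thread


def rolling_code(key: bytes, counter: int) -> bytes:
    """Code for one counter value: truncated HMAC-SHA256 (stand-in algorithm)."""
    mac = hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return mac[: CODE_BITS // 8]


class Receiver:
    """Car side: accepts each code once, freezes after repeated wrong codes."""

    def __init__(self, key: bytes):
        self.key, self.counter = key, 0
        self.fails, self.locked_until = 0, 0.0

    def try_unlock(self, code: bytes, now: float) -> str:
        if now < self.locked_until:
            return "locked-out"                  # not listening at all
        for c in range(self.counter + 1, self.counter + 1 + WINDOW):
            if hmac.compare_digest(rolling_code(self.key, c), code):
                self.counter, self.fails = c, 0  # this and older codes are now dead
                return "unlocked"
        self.fails += 1
        if self.fails >= MAX_FAILS:
            self.fails, self.locked_until = 0, now + LOCKOUT_S
        return "rejected"


def online_guess_years() -> float:
    """Expected years to hit one valid code by random guessing through the lockout."""
    p_hit = WINDOW / 2 ** CODE_BITS              # any code in the window is valid
    guesses_per_year = MAX_FAILS * (365 * 24 * 3600 / LOCKOUT_S)
    return 1 / (p_hit * guesses_per_year)
```

The look-ahead window makes 16 codes valid at once, so the effective guessing space is 2^36 rather than 2^40; the lockout, not the key length alone, is what stretches the expected time.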
 

·
Registered
Joined
·
198 Posts
Anyone who has the hardware and brains to even begin attempting to crack an encrypted lock should easily get a mid to high 6 digit salary job or go after more lucrative targets.
Hmm, I should speak to my manager about that raise. :wink:
 

·
Registered
Joined
·
7,161 Posts
They used to think that the original encryption used for cell phones was impossible to crack, but it soon became very easy. Same with WEP.

Therefore, it is not inconceivable that the wireless, keyless entry/start would have a weakness that could be defeated. Brute force cracking may not be necessary, and even if BF is part of the answer, as computing power increases geometrically, what would take years can take minutes.
 

·
Registered
Joined
·
30 Posts
Cars with normal locks can be opened and started in 40 seconds or so. Even if someone could start a Prius in 20 minutes, I doubt they would take the risk. It isn't a $100,000 car.
 

·
Registered
Joined
·
7,161 Posts
Also, another trick that thieves employ is to replace the immobilizer-checking ECM with one that's been modified to not care. In most cars, the ECM is located under the hood, is easy to reach and can be swapped out in minutes. With the Prius, the weakest link is the HV ECU. This ECU is what ultimately decides if it is going to engage all systems or not.

The power ECU also has a part in making this determination to get to ACC, Ig-On, or READY mode power state (Ig-2), but these can easily be overridden by hotwiring the associated relays, as many can attest to when they had battery backup systems connected through the power outlets; the car wouldn't completely shut off.

But even if one powered up to Ig-2, the HV ECU decides if it is going to engage the HV relays, operate the inverter (a dynamic process) and engage the ECM as needed to run the ICE. The HV ECU is under the dash, and has LOTS more wires than the typical ECM, thus would be troublesome to swap out with a modified one.

Though one could swap the HV and the immobilizer ECUs with ones that were paired to each other and to a working fob that the thief had. Again however, lots of hard to disconnect plugs to get to in tight to reach places.
 

·
Premium Member
Joined
·
2,815 Posts
MtnTraveler said:
So what happens if the battery in the fob fails? Can you start the with a mechanical key?
You use the mechanical key to open the driver's door.

You put the fob in the keyslot like normal and the power to energize the chip is from the car, like normal.
 
G

·
DanMan32 said:
They used to think that the original encryption used for cell phones was impossible to crack, but it soon became very easy. Same with WEP.
Not the "same thing" at all. That's called reasoning from the specific to general. The original cell phone encryption was really crap.

WEP encryption is a commonly used form of RSA, the same encryption which guards the top national and industrial secrets in the world. RSA including WEP variants have been around for a long time and proven to be highly secure relative to applications. It's tested and it's proven. It's not crackable except by brute force.

RealAle said:
Anyone who has the hardware and brains to even begin attempting to crack an encrypted lock should easily get a mid to high 6 digit salary job or go after more lucrative targets.
Hmm, I should speak to my manager about that raise. :wink:
lol. Really? So you crack WEP all the time then? I'm sure the NSA would love to hire you.

People who say they could do it... Ok, go try and see how far you get.

Unless you have a doctorate in cryptology from one of the better universities, a lot of time, and at least several thousand to invest in the effort... good luck. Even then you're only going to prove it can be done with a lot of skill, time, and money in a lab environment as an experiment without committing a crime and attracting law enforcement. Taking that and making a car theft business is another huge hurdle unless one wants to spend a lot of time in prison.
 
G

·
Marco said:
Cars with normal locks can be opened and started in 40 seconds or so. Even if someone could start a Prius in 20 minutes, I doubt they would take the risk. It isn't a $100,000 car.
Exactly. The absurdity of this.

Again, it's like worrying somebody is going to break into your bank vault to steal 30K when there are bags of 60K lying around on the street and other identical vaults contain as much as several hundred thousand.

Anyone who wants to be paranoid: wrap your key in tinfoil, and then use the leftover tinfoil to make yourself a hat. ;)
 
G

·
DanMan32 said:
Also, another trick that thieves employ is to replace the immobilizer-checking ECM with one that's been modified to not care.
That's not cracking a lock. It's rebuilding part of the car to replace the lock. Big difference. It's like worrying someone will break into your home by completely removing your door because they can't crack the lock. Sure it's possible, but a lot of work and going to be very risky for the thief for little reward.

Is anyone really going to worry about that? Rather paranoid.
 

·
Registered
Joined
·
7,161 Posts
No, that still covers 'gone in 20 minutes'. The thought is that the immobilizer is not defeatable, so the car can't be driven away. This is far from the truth.

It is well known now and documented that WEP HAS been cracked. It's even stated in my Security+ study guide published by Sybex. And the book was published in 2003! Now WPA is still secure, but requires an external authentication system, such as RADIUS.
 

·
Registered
Joined
·
198 Posts
I was all set to launch a new business selling pet skunks. Just leave your skunk in the car and nobody would dare try and steal it. We were about to launch when P.E.T.A shot us down.

Lost millions on that deal. :(
 

·
Registered
Joined
·
548 Posts
Marco said:
Cars with normal locks can be opened and started in 40 seconds or so. Even if someone could start a Prius in 20 minutes, I doubt they would take the risk. It isn't a $100,000 car.
Cars with normal locks can be opened, but most cars have chips on the key (the immobilizer) which makes them somewhat harder to steal.

The Prius, when it uses SKS, uses a relatively low end encryption setup, which if you have the right equipment and time, can be cracked. If you disable SKS, you're probably fairly safe.
 

·
Registered
Joined
·
7,161 Posts
I believe the SKS uses the same transmission method that the remote door lock operates. They both use the same receiver. The only difference seems to be how the fob is triggered to send a signal. With the one, a nearby oscillator excites the fob to transmit. With the other, your finger (nose, toe, tongue, etc) excites the fob by a press of one of its buttons.

So, if SKS uses weak encryption, turning it off won't help improve security since the keyless remote function is still operational.
 