RFID crack raises spector of weak encryption

IDG News Service - With a little bit of technical acumen and a few hundred dollars, enterprising thieves can walk away with some late-model cars and gas them up for free to boot, according to research published by computer security experts at the Johns Hopkins University in Baltimore and RSA Security Inc.'s RSA Laboratories in Bedford, Mass.
In January, the researchers published the results of a technical analysis of a kind of secure radio frequency identification (RFID) technology called Digital Signature Transponder (DST) from Texas Instruments Inc., which is widely used to secure newer-generation automobiles and electronic payment systems like Exxon Mobil Corp.'s Speedpass. The work revealed serious weaknesses in the cryptographic security used to protect data sent back and forth, and shines a light on the problem of security systems that rely on aging or inadequate cryptography, according to experts.
The team of researchers included staff from Johns Hopkins' Information Security Institute such as Avi Rubin, the computer security expert who gained fame for his analysis of flawed electronic voting technology from Diebold Inc.
Rubin and a team of three graduate students, along with cryptography experts from RSA, used reverse-engineering techniques and custom-designed tools to crack the cryptographic keys used to secure the systems and simulate both the RFID DST tags and readers. The hack allowed researchers to disable a vehicle immobilizer in a 2005 Ford automobile using a specially equipped laptop computer, and purchase gas at a number of Exxon Mobil locations with a homemade Speedpass device, according to a copy of their findings posted online.
The TI technology is vulnerable to attack because it uses a decade-old, 40-bit cryptographic key to encrypt communications between the RFID DST tags and readers, the researchers found. TI also used an unknown and proprietary encryption algorithm on its DST devices. But Rubin's team reverse-engineered the secret algorithm by observing how DST tags responded to specially crafted challenges. Once they guessed the algorithm, researchers created a software program that could be used in so-called brute-force attacks on DST devices to recover the secret cryptographic keys, Rubin said.

The researchers worked for two months to break the TI algorithm, but once it was cracked, they made short work of the rest of TI's product, designing tools that guessed the encryption keys on five TI gas Speedpasses in two hours, Rubin said.
Other commercial security systems also use the DST technology, including card-key access systems for buildings and livestock tracking products, he said.
Tony Sabetti, global business manager for TI's RFID Systems, said that Rubin's team broke only