Skip to content

Remote keyless entry system Keeloq broken by security researchers

Vehicles

The remote keyless entry system KeeLoq is being used by Chrysler, Daewoo, Fiat, General Motors, Honda/Infiniti, Jaguar, Toyota/Lexus, Volvo and Volkswagen. A number of garage door opening systems and the like also use this technology. It is based on a secret cipher that has now been compromised by an international IT security research team. Two intercepted messages are deemed sufficient to clone a KeeLoq RFID tag as there are general keys inserted by the manufacterer and the key structure is partially determined by make and model. A stronger KeeLoq implementation (still) needs physical access to the key but only for a few minutes. It's also possible to permanently lock the legitimate owner out of his car or building and render his KeeLoq RFID useless. Details can be found at the researchers site and the folks at Wikipedia have also amended their KeeLoq article.