2010-02-26

Risk Assessment: Electronic Lock Impressioner

I've kept kind of quiet about this wonderful device. It's an electronic lock impressioner.

Barry Wels talks about the possible mode of operation on his excellent Blackbag blog. I kind of assumed that's how it worked, since it claimed to work only on Ford locks for the time being.

Meanwhile, people are freaking out, labeling it "a car thief's wet-dream."

While I could agree that this device has some potential value to nefarious ne'er-do-wells, there's a fatal flaw in the media panic: You can't steal a car by impressioning the lock.

This device will give you a series of numbers, known as a key code. If you told me the key code to a car right now, I'd honestly have no clue what that key should look like. I could look it up on the Internet, probably. But then I'd need to get out my dremel, a file, a key blank and my digital calipers. If I had a cheap key-milling machine, it might save me a little bit of time. If I spent several thousand dollars, I could get a computer-controlled machine that would simply spit out a key with the right cuts. If I was convincing enough, I *MAY* be able to trick a professional locksmith into cutting a key exactly to a code, but most of them would be hesitant to do this without seeing an original key, even if it was a badly damaged one.

The barrier to entry here isn't exactly high, but it's not like you can simply insert this tool into a car door and immediately drive off with it. It's going to take quite a bit of effort or a pricey initial investment for this tool to pay off. The initial investment has already been made by licensed locksmiths who already have these tools lying around. J. Random Carthief, however, probably does not. A successful auto-theft ring MAY have these tools at their disposal. As we already know: if you're being targeted by a sophisticated attacker, it's game over. They'd probably just tow your car away, repo-man style, and break it down at a chop shop.

Let's just assume for the sake of argument that you used this device to get the key code for the car's door, and spent the time to fabricate or acquire a matching key. That's a lot of hassle, but now you can open the car's door, maybe its trunk and glove box. You could even put the key in the ignition. But you couldn't steal the car. Let me explain.

This is my car. I got it a decade ago. Do you like my license plates?

At the time of purchase, Ford (and many other manufacturers) had already been using two-factor authentication of some variety behind the scenes for years to activate the ignition system. Long gone are the days of pulling a bundle of wires out of the steering column and touching some wires together to start the car, as are the days of simply getting a copy of the car key.

Inside many keys, there's an RFID module or some other device that's somewhat unique to the key. On snazzier cars, this is an encrypted challenge/response module that can't be easily copied. On others, it's a small handful of static "signatures" which may be easy to clone with an RFID programmer or other specialized tools. Either way, without the proper code, the car won't start. In fact, if this module is missing or unrecognized, the car will often completely disable its Engine Control Unit for a period of time, usually 10 minutes.

To provide a further layer of complexity to the issue, the end-user must provide proof of owning two separate keys in order to authorize new keys to start the car. In my case, if I had two keys and lost one, I would need the dealership or a high-end locksmith to attach a special computer to my car in order to authorize a new key. That keeps the valet guy from copying your key and activating it himself. Typically, these systems require the programmer to stay connected to the car for a period of one hour before new keys can be added. Even a miscreant would need unfettered access to your car for a whole hour in order to configure a key that works.
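The two controls described above (challenge/response on every start with a lockout on failure, and the two-key rule for adding a key) can be modeled in a few lines. This is an added illustration, not code from any manufacturer: the class and method names are hypothetical, HMAC-SHA256 stands in for whatever proprietary cipher a real transponder uses, and the dealer-programmer path is not modeled.

```python
import hashlib
import hmac
import os

LOCKOUT_SECONDS = 10 * 60  # the "usually 10 minutes" ECU disable described above


class Transponder:
    """Key-side chip: holds a secret and answers challenges (hypothetical model)."""
    def __init__(self):
        self.key_id = os.urandom(4).hex()
        self._secret = os.urandom(16)

    def respond(self, challenge):
        # HMAC-SHA256 is an assumed stand-in for the transponder's real cipher.
        return hmac.new(self._secret, challenge, hashlib.sha256).digest()


class Immobilizer:
    """Car-side model: fresh challenge per start, lockout, two-key enrollment."""
    def __init__(self, *factory_keys):
        self._known = {k.key_id: k._secret for k in factory_keys}
        self.locked_until = 0.0

    def try_start(self, key_id, answer_fn, now):
        """answer_fn(challenge) -> response bytes; True means the engine may start."""
        if now < self.locked_until:
            return False  # ECU still disabled, even for a genuine key
        challenge = os.urandom(8)  # fresh nonce, so a recorded answer is useless
        secret = self._known.get(key_id)
        expected = hmac.new(secret or b"\0", challenge, hashlib.sha256).digest()
        if secret is not None and hmac.compare_digest(expected, answer_fn(challenge)):
            return True
        self.locked_until = now + LOCKOUT_SECONDS  # missing or unrecognized module
        return False

    def enroll(self, new_key, key_a, key_b, now):
        """Owner enrollment: two different, already-authorized keys must both pass."""
        if key_a.key_id == key_b.key_id:
            return False  # one key presented twice (the valet case) is refused
        if not all(self.try_start(k.key_id, k.respond, now) for k in (key_a, key_b)):
            return False
        self._known[new_key.key_id] = new_key._secret
        return True
```

A key cut to the right code but carrying no recognized transponder fails `try_start` and triggers the lockout, which is why the mechanical key alone does not start the car.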

In short, the Electronic Lock Impressioner would give a bad guy the ability to make a key that allowed him to steal the stuff in your car, and nothing else. That person would be much better off shattering your window with a brick. In the hands of a good locksmith who has all the proper tools and skill to create a key from a key code and re-program your car's ignition system, this tool should save many hours that would otherwise be spent replacing or re-keying locks. This savings will ultimately be passed on to the customer. In my opinion, this is a revolutionary device that provides benefits to the locksmith industry as well as people who need to use their services. It does so without providing much incentive to car thieves.
