| ▲ | jiveturkey 6 days ago |
| disagree, if you mean simple cut key. a screwdriver defeats it. ok, if you mean a key that has a chip embedded, where the key cuts are just window dressing and the real magic is still in cryptographic proof of "something you have". i am not aware of any such key ever being produced, but i certainly do not have comprehensive knowledge. GM had something close to that. |
|
| ▲ | gchadwick 6 days ago | parent | next [-] |
| Immobilizers (which lock out the engine until there's been some authorization from another device, i.e. from a chip in the key) have been mandatory in cars in the UK at least (and I would presume Europe on similar time scales) for almost 30 years (from 1998). Seems they've been sold in cars for a few years longer than that (from 1992). According to: https://www.carwow.co.uk/guides/glossary/what-is-a-car-immob.... Maybe never introduced into the US market? Would find that hard to believe. |
| |
| ▲ | kube-system 6 days ago | parent [-] | | Immobilizers were introduced into the US long before that, but never mandated. | | |
| ▲ | jiveturkey 3 days ago | parent [-] | | immobilizers that use a chip in a physical key, are to the best of my knowledge, all simple clonable protocols. the predecessor to a code was a simple resistor. i specifically meant a kind that uses private key crypto. we absolutely could have that today but we've moved on to fobs. please correct me if I'm wrong ... i haven't studied it that extensively. | | |
| ▲ | kube-system 3 days ago | parent [-] | | Early immobilizers were just resistors, yes. (e.g. GM VATS) However, later "chipped keys" do use strong crypto over short-range wireless. The "fobs" in modern push-to-start cars actually have two separate radios in them. The one that this article is about is the long-range keyless entry radio, which primarily opens the doors. These all have separate short-range wireless radios that work inside of the car to authenticate the key before you can press the push-to-start button. That is unaffected by this hack. | | |
| ▲ | jiveturkey a day ago | parent [-] | | Thanks for that info. OK, then i'll double down on my criticism of the G_G_G_P, a "real key" for the ignition is not safer by any reasonable criteria, since the crypto part doesn't occur through the metal of the key (resistor style), but wirelessly. The key is just annoying. | | |
| ▲ | kube-system 11 hours ago | parent [-] | | Agreed. Physical ignition locks are not great security because they fail under attacks that street criminals are best at: brute force. |
|
|
|
|
|
|
| ▲ | leoedin 6 days ago | parent | prev | next [-] |
| I’m pretty sure most cars in the later key era used some sort of chip verification on ignition for the key. It wasn’t just a physical thing. Given it was 15 years ago, I don’t know how cryptographic the proof was - perhaps it was just reading a number from the key. But the hyper short range nature of it made it quite secure. |
|
| ▲ | tmerc 5 days ago | parent | prev [-] |
| I think the early 90s gm keys with the chip were just resistors in the key body. They stop reading over time but you can splice in the correct value to bypass |
