• JeeBaiChow@lemmy.world
    18 upvotes · 9 months ago

    When chipped keys launched, wasn’t there a lot of talk about how the system would negotiate a new set of keys for the next interaction making the simple act of recording radio exchanges impossible? All hot air by the manufacturers?

    • rmuk
      25 upvotes · 9 months ago

      Oh, boy, story time!

      One of the first manufacturers to include asymmetric encryption as a standard component of their engine immobiliser across all their cars, at least in the UK, was Fiat in the 1990s. But they faced a quandary: once the keys were encoded with the appropriate codes, what should Fiat do with the codes? If they kept a copy it would be an expensive project and charging customers to access them every time they wanted a new key cutting would be terrible PR. They could gimp the security so you could just clone a key, but then it would be very easy to sidestep the encryption.

      The solution they came up with was pretty clever: in addition to the standard pair of blue keys the car came with, there was also The Big Red Key. The Big Red Key contained a code that could be used to program other keys or to change any of the parts of the engine that were part of the ECU without having to involve Fiat at all if that’s what you wanted. The customer was given an advanced security system without being beholden to the manufacturer. The Big Red Key was comically oversized, and it came with a sticker, fob and in a bag all with clear warnings to the effect: “Do not use this key. If you lose it your car is ten kinds of fucked. Do not use this key. Keep it secret, keep it safe.”

      So what happened? People happened. A small minority of people saw The Big Red Key and insisted on using it as their day-to-day key, but it wasn’t as hard wearing as the blue keys (hard plastic instead of silicone) so it would crush or crack and, of course, people would lose them. Then when they needed a new key or needed work doing on some easily-stealable components that the ECU would validate they didn’t have their The Big Red Key, so they’d need the ECU security module wiping or replacing - which was expensive, over £1000 if I remember right.

      Naturally the shitty tabloids got hold of it and every week The Daily Mail and The Sun were full of stories of Innocent British Motorist™ Conned™ By Foreigners™. “If Mandy Pleb had known how evil Fiat were she’d have bought a Rover,” they’d moan, and Fiat had a real PR disaster on their hands, despite bringing a quality security technology to market, including it as standard and resisting the temptation to profiteer off it.

      So they gimped the security. Future Fiats didn’t have a The Big Red Key. You got your blue keys which were dumbed down and, at least for a time, went back to inferior symmetric encryption to the detriment of the overwhelming majority, but at least a handful of prats were saved from themselves and the power of tabloids to change the world for the worse went unchallenged.

      In short, fuck tabloids.

      • gian@lemmy.grys.it
        20 upvotes · 9 months ago

        The first rule of encryption is that the password needs to be secret, not the algorithm. (not mine, but I cannot readily find the source, sorry :-( )

        A truly good encryption algorithm is safe even if I give you the source code for it but not the password I used to encrypt the data.

        • modeler@lemmy.world
          9 upvotes · 9 months ago

          Exactly. And all the core internet encryption and signing algorithms are fully open source. E.g. RSA, AES, Diffie-Hellman. And these are the algorithms the US (and most other western) governments require when sending data to or from or within their servers.

        • fuckwit_mcbumcrumble@lemmy.world
          3 upvotes · 6 downvotes · 9 months ago

          That’s assuming the algorithm is sound. If the algorithm has a flaw then it’s only a matter of time until you can easily crack anything using it.
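
An added example, not part of any comment in this thread and not any manufacturer's actual scheme: a minimal challenge-response immobiliser check showing the two ideas discussed above, that a recorded exchange does not validate a second time and that knowing the algorithm without the key does not help. It assumes a shared secret and uses HMAC-SHA256 as a stand-in; the class names `Transponder` and `Immobiliser` are hypothetical.

```python
import hashlib
import hmac
import secrets


class Transponder:
    """Key side (hypothetical): holds the secret and answers challenges."""

    def __init__(self, secret: bytes):
        self._secret = secret

    def respond(self, challenge: bytes) -> bytes:
        # The algorithm is public; only the secret is private.
        return hmac.new(self._secret, challenge, hashlib.sha256).digest()


class Immobiliser:
    """Car side (hypothetical): issues one-shot random challenges."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._pending = None

    def new_challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)  # fresh for every interaction
        return self._pending

    def verify(self, response: bytes) -> bool:
        # Consume the challenge so it can never be answered twice.
        challenge, self._pending = self._pending, None
        if challenge is None:
            return False
        expected = hmac.new(self._secret, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo() -> dict:
    secret = secrets.token_bytes(32)  # constructed sample key
    car, key = Immobiliser(secret), Transponder(secret)

    recorded = key.respond(car.new_challenge())
    legit = car.verify(recorded)       # genuine key, current challenge

    car.new_challenge()
    replay = car.verify(recorded)      # old response, new challenge
    stale = car.verify(recorded)       # no challenge outstanding at all

    other = Transponder(secrets.token_bytes(32))  # same algorithm, other key
    wrong_key = car.verify(other.respond(car.new_challenge()))
    return {"legit": legit, "replay": replay, "stale": stale, "wrong_key": wrong_key}


if __name__ == "__main__":
    print(demo())
```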