The experts say that remote entry systems on millions of cars made by Volkswagen since 1995 can be cloned to permit unauthorized access to the car’s interior.
The same experts say another system used by other brands including Ford, General Motors’ Opel and Chevrolet, and Renault can also be defeated.
In a paper to be delivered Friday at the Usenix security conference in Austin, Texas, the authors say a thief could use commonly available equipment to intercept entry codes as they are transmitted by radio frequency, and then use that information to clone another remote so the car could be opened.
Volkswagen said its latest models such as the Golf, Tiguan, Touran and Passat were not affected. It said it was having a “constructive exchange” with the experts aimed at improving security technology.
“The bar for theft prevention is constantly being raised, but ultimately there is no comprehensive guarantee for security,” the company said in a statement.
The paper leaves out key details on how to perform the hack but says the codes can be intercepted with commercially available equipment.
“It is unclear whether such attacks … are currently carried out in the wild by criminals,” the report says. “However, there have been various media reports about unexplained theft from locked vehicles in the last years.”
The report did not establish the exact number of cars that use the vulnerable systems.
General Motors said that it “does not consider this item to be a significant risk to customers due to the technical sophistication of the demonstration and the very limited circumstances under which the demonstration can be carried out.”
The company added that “the issue in question does not impact the operation of the vehicle or the safety of its occupants.”
The report’s authors said that insurance companies might have to accept that car theft scenarios that would otherwise be considered insurance fraud have a higher probability of being genuine. The only sure-fire countermeasure, they said, would be to stop using the remote and fall back on the mechanical lock using the conventional metal key.
The authors are Flavio Garcia, David Oswald and Pierre Pavlides from the University of Birmingham School of Computer Science, and Timo Kasper from German security firm Kasper & Oswald GmbH.