Comment by zero_k

Comment by zero_k 17 hours ago

0 replies

View on Hacker News

Broke a few of these for my old work -- HiTag2 and Megamos, some of the code&knowledge used for the attack is online&published, but neither can be used to actually break the ciphers as-is [1][2]. The issue used to be that the cipher employed needed to be low-power, fast, and reliable. With current technology, one could easily use AES, and no serious auto maker should be using HiTag2/Megamos. They were hand-rolled ciphers. The way AES is used (i.e. the protocol itself) could still be wrong, of course, e.g. allowing for replay attacks, etc.

[1] Doesn't have some features which you need to use to actually attack HiTag2: https://github.com/msoos/grainofsalt

[2] Used for various pre-processing that is useful (but not neccessary) to break Megamos, but _far_ from the actual attack: https://github.com/meelgroup/bosphorus/