A Volkswagen key with the RFID chip read by the Motorola Megamos transponder. VW sued to keep researchers from revealing its weak crypto.
Moxfyre
In 2012, researchers at Radboud University in the Netherlands discovered a security flaw in a common automotive security chip used in theft prevention by Volkswagen, Audi, Fiat, Honda, and Volvo vehicles. But after they disclosed their results to the auto manufacturers—a full nine months before they planned to publish them—the automakers sued to keep them quiet.
Today, that suppressed paper is finally being presented at the USENIX security conference in Washington, DC. Entitled "Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer," the paper details how researchers Roel Verdult, Flavio Garcia, and Baris Ege uncovered weaknesses in the cryptography and authentication protocol used in the Megamos RFID transponder used in car immobilizers used in many luxury vehicles.
Read more: http://arstechnica.com/security/2015/08/researchers-reveal-electronic-car-lock-hack-after-2-year-injunction-by-volkswagen/
Related Article: https://www.ibm.com/blogs/research/2015/11/would-you-know-if-your-car-was-being-hacked/
