Security Analysis of an Open Car Immobilizer Protocol Stack

Stefan Tillich, Marcin Wojcik

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)


Openness is a key criterion of security algorithms and protocols which enable them to be subjected to scrutiny by independent security experts. The alternative "methodology" of secret proprietary algorithms and protocols has often ended in practical breaks, e.g. of the MIFARE Oyster cards for public transport or the KeeLoq remote control systems. Open evaluation is common for general applications of security, e.g. the NIST competitions for selection of the Advanced Encryption Standard (AES) and the Secure Hash Algorithm 3 (SHA-3). Nowadays an increasing number of embedded security applications apply the principle of open evaluation as well. A recent example is the specification of an open security protocol stack for car immobilizer applications by Atmel, which has been presented at ESCAR 2010. This stack is primarily intended to be used in conjunction with automotive transponder chips of this manufacturer, but could in principle be deployed on any suitable type of transponder chip. In this paper we analyze the security of this protocol stack. We were able to uncover a number of potential security vulnerabilities, for which we suggest fixes.
Original languageEnglish
Title of host publicationTrusted Systems - INTRUST 2012
PublisherSpringer Verlag
Publication statusPublished - 18 Dec 2012

Publication series

NameLecture Notes in Computer Science


  • Security
  • car immobilizer
  • protocols
  • openness
  • analysis

Fingerprint Dive into the research topics of 'Security Analysis of an Open Car Immobilizer Protocol Stack'. Together they form a unique fingerprint.

Cite this