Security Analysis of an Open Car Immobilizer Protocol Stack
Source: University of Brighton
An increasing number of embedded security applications-which traditionally have been heavily reliant on secret and/or proprietary solutions-apply the principle of open evaluation. A recent example is the specification of an open security protocol stack for car immobilizer applications by Atmel, which has been presented at ESCAR 2010. This stack is primarily intended to be used in conjunction with automotive transponder chips of this manufacturer, but could in principle be deployed on any suitable type of transponder chip. In this paper, the authors re-evaluate the security of this protocol stack. They were able to uncover a number of security vulnerabilities.