Tesla cars at risk: possible to hack the key

According to research by a group of researchers in Belgium with a 600 euro software a hacker can steal a Tesla car in less than two seconds

Many of the self-driving cars

Many of Tesla's self-driving cars don't come with keys but are activated by a token (a kind of key fob) that recognizes when the driver is inside the car and allows him to digitally turn on the car with a simple touch.

Pity, however, that this ignition system, and particularly that of the Tesla Model S, would seem to be easily hackable. To hack the Tesla's opening and ignition system, it would be enough to buy a kit for less than 600 euros and have the possibility to enter in any Tesla and turn it on, without the need of the original key. Researchers at the University of Leuven, in Belgium, specialized in reverse engineering and integrated cryptography systems have created a system capable of sabotaging Tesla cars without a key. In practice it is possible to open the car, start it and run away even without having the Tesla "keychain" that allows you to operate the engine. All in a matter of seconds.

Tesla, electronic keys are easily tampered with

Researchers have discovered that the digital key that allows you to open and start the Tesla model S uses 40-bit encryption to "hide" the engine's ignition code, which is then transmitted to the vehicle's radio receivers. Belgian researchers, exploiting a table of 6 terabytes of preset keys, were able to crack the encrypted code used by the U.S. electric car manufacturer and open a Tesla without the key in less than two seconds.

A far from negligible vulnerability, but one that would appear to have already been fixed by Tesla's cybersecurity experts. For some time now, in fact, drivers can set a PIN without which the engine cannot be accessed even if in possession of the token or the encryption key needed to start the car. However, not all users are aware of this security option, not to mention that some out of laziness have never set a custom PIN. Also, all models designed and sold after June 2018 no longer use this technology with weak 40-bit encryption, but a new algorithm that is harder to hack.