keyless entry system vulnerability

Northx · 01-16-2011, 11:43 PM

You guys see this one?

"No key required: A researcher shows how an attacker could start a car using an antenna. A signal from the car is transmitted to a computerized key, which is tricked into enabling the engine ignition."

Found their conference paper here.

Included this footnote

"Instead of providing names of car models and manufacturers that we tested, we describe the operation of the PKES system that the tested models use. We leave it to the readers to verify with the manufacturers if the described or similar PKES system is used in specific car models."

Anyone have reason to believe we're safe from this other than just the small chance of being the target?

BrokenVert · 01-17-2011, 06:37 AM

Every tIme you put your key in the ignition the car generates a new unlock code and transmits it to the key.

At least that's what I've beentold

Tom K. · 01-17-2011, 11:59 AM

Quote:

Originally Posted by maxnix

. Remote starting is not a possibility.

At least not until they discover how to remotely depress the brake/clutch pedal!

Seems to me that's another argument against allowing the remote starting in our BMWs so that folks can enjoy another cup of coffee while their motors "warm up".

Tom

Northx · 01-17-2011, 04:30 PM

Quote:

Originally Posted by BrokenVert

Every tIme you put your key in the ignition the car generates a new unlock code and transmits it to the key.

At least that's what I've beentold

Right but that security is proximity based - the assumption is the car and the key can only talk from a couple feet away. The attack seems to providing what amounts to an antenna to extend the range of the key - car thinks you're standing next to the door. So say you're at the mall or airport and walking away from your car - guy comes up to your car while you're 15 ft away and the door opens because the car is picking up the key with his antenna extender. Then jumps in and same deal to start it. I don't know how easy it is but these guys have demonstrated the technique on cars that identify when the key is in the car. Some academic does it and next thing you know someone has made a quickie version for $50 and is selling it in the back of magazines in those little ads.

Point being I'd just look back and double-check as you walk away in public places in big cities. I think we're vulnerable to this one.

01-16-2011, 11:43 PM	#1
Northx Private 4 Rep 53 Posts Drives: 128 Join Date: Mar 2010 Location: Portland, OR iTrader: (0)	keyless entry system vulnerability You guys see this one? "No key required: A researcher shows how an attacker could start a car using an antenna. A signal from the car is transmitted to a computerized key, which is tricked into enabling the engine ignition." Found their conference paper here. Included this footnote "Instead of providing names of car models and manufacturers that we tested, we describe the operation of the PKES system that the tested models use. We leave it to the readers to verify with the manufacturers if the described or similar PKES system is used in specific car models." Anyone have reason to believe we're safe from this other than just the small chance of being the target?
	Appreciate 0 Tweet Quote

01-17-2011, 06:37 AM	#2
BrokenVert Resident Kerbalnaut 477 Rep 10,703 Posts Drives: Topless Brute/Hybrid Boogaloo Join Date: Apr 2009 Location: Fahrvergnügen/NY iTrader: (0)	Every tIme you put your key in the ignition the car generates a new unlock code and transmits it to the key. At least that's what I've beentold __________________
	Appreciate 0 Quote