43

I've been reading a bit into car security and all of the ways cars can be stolen through various alterations of replay attacks. Upon researching whether any of the more modern cars are using anything more secure than "new code after usage", I haven't really found anything satisfying. Which makes me question, why don't car manufacturers just use something like RFC 4226 to secure the cars? It seems like an easy enough solution. Am I missing something here perhaps?

Anders

2 Answers

65

RFC 4226 (HOTP) would still be vulnerable to replay attacks in some situations. In the case of old fashioned key fobs, where you have to press a button to unlock the car, imagine someone who has brief access to the key fob while you are out of range of the car. The attacker can press the button once, record the code transmitted by the fob, and then hurry out to your car, replay the recorded code, and gain access to the vehicle.

Another attack possible on this is the RollJam attack and requires only a $32 device. The device is hidden near the vehicle. When the owner comes by and unlocks the car, the signal sent by the fob is recorded by the device and jammed so the car does not unlock. The owner, naturally, tries again. The signal is recorded and jammed again, but the first signal is then replayed. The car receives the replayed signal and unlocks. Meanwhile, the second signal has still not been seen by the car so it can be used to unlock the car once the owner leaves.

Modern keyfobs are designed to be passive so that you don't have to press any button for unlocking the car. As long as the fob is in your pocket, the car will unlock itself when you walk up to it and lock itself when you walk away, no interaction required. Now if you use HOTP in this case, well then all the attacker has to do is pretend to be the car and request a code while you are out of the car's range. Then record the code, go back to the car, replay it and profit.

And then there is a DOS vulnerability. Since an attacker can request as many HOTP codes as they want, they can make the internal HOTP counter of the fob drift so far away from the counter in the car, that the fob will no longer be able to authenticate. (Actually, this can be an issue with normal fobs too. What happens if your child starts playing with it and presses the unlock button hundreds of times?)

In fact, modern keyless fobs take a lot of effort to secure. Early manufacturers decided to implement proprietary challenge-response mechanisms. A cryptographically secure challenge response system, what could go wrong? Well, guess what the car thieves did?

They simply amplified the signals transmitted by the vehicle and the fob to make the challenge-response mechanism work over much larger distances than it was meant to. So your BMW is parked outside your house and you are snug in bed having a good night's sleep. Someone walks up to your window with a special device. The device relays an amplified challenge from your car to the key fob in your room. The fob thinks the car is nearby, so it computes the response and transmits it back. The device amplifies the response so it reaches the car, and BOOM, when you wake up in the morning, your shiny new BMW is gone.

So then, the manufacturers had to apply further security measures, like measuring the time it took for the key fob to respond. If it took too long to receive the response, the car would conclude that the fob was out of range. But I guess the car manufacturers have learnt their lesson by now and have more robust security (or perhaps not).

nobody
  • One system used now is movement detection in the fob, so it does not respond to the car while left by the front door. – Ian Ringrose Jun 04 '21 at 09:25
  • Are replay attacks still an issue if the authentication is time based? If the code for unlocking the vehicle is only valid for ~60 seconds, it would be near impossible to pull off. Additionally, if starting the engine/locking/unlocking all use different secrets, even the 60 second time window of unlocking the car would leave you with an unusable vehicle. Or am I getting this wrong? – Konstantin Schlegel Jun 04 '21 at 11:27
  • @KonstantinSchlegel So you mean instead of HOTP, you want to use [TOTP](https://en.wikipedia.org/wiki/Time-based_One-Time_Password) (RFC 6238)? That could work, but the interval would have to be much less than 60 seconds, more like 20 nanoseconds, if you want to prevent relay/amplification attacks too. – nobody Jun 04 '21 at 11:32
  • @KonstantinSchlegel As for the different secrets, that doesn't provide any tangible security benefit, since if the attacker can get the code for unlocking the car, they can also get the code for starting it. – nobody Jun 04 '21 at 11:36
  • Now I'm wondering what the countermeasure for the RollJam attack is beyond never pressing the unlock button when it doesn't work the first time. (Also, how do you receive something that you are simultaneously jamming?) – Michael Jun 04 '21 at 23:58
  • @KonstantinSchlegel it does sound challenging; gone in 60 seconds :P – kokociel Jun 05 '21 at 00:32
  • @Michael The car listens on a spectrum because the frequency of the keyfob signal can vary with temperature and power. The jammer adds noise in the spectrum, preventing the car from hearing the signal. Then another relay is tuned to listen for the keyfob signal. The frequency of the keyfob is already known to the attacker. – defalt Jun 05 '21 at 04:05
  • I wonder what would happen if you used something sufficiently high-gain that you had to actively aim the key pointer at a specific receiver while pressing the button. Actually use a laser as the carrier? – obscurans Jun 05 '21 at 07:38
  • @Michael I'm not sure what you can do on an individual level. Even if you don't press the button again after it doesn't work the first time, the device still has one valid code stored. As for what manufacturers can do to mitigate this, they should probably move away from rolling codes and instead use challenge-response. – nobody Jun 05 '21 at 08:15
  • @obscurans An IR signal can reflect off the car's body, and that reflection can be captured secretly. This is why TV remotes still work even when there's no direct line of sight. While capturing, the attacker can feed the IR receiver on the car with noise. This recreates the RollJam attack, but with IR relays. The only advantage is that it reduces the attack vector by requiring the owner to be in line of sight. – defalt Jun 05 '21 at 17:17
  • @defalt aren't TV remotes using generic IR transmitters, whose spread is the point? I'm thinking of a literal laser pointer that needs to be aimed at a specific spot on the car. To capture a reflected signal you'd need to be at the exact point where the ray goes (car bodies aren't exactly diffuse reflectors). Yes, it negates a lot of the point of keyless, but it still avoids fiddling with a physical key. – obscurans Jun 06 '21 at 10:58
  • Interestingly, once the car is powered up, when the fob eventually goes out of range the car won't power off (safety!), sound an alarm, or slow down to 30 km/h. I mean, manufacturers should check constantly whether the fob is inside the vehicle and take some action if not. Of course, powering off the engine (and the power brakes) in the middle of a 150 km/h highway journey is insanely dangerous if the cause is a failing battery. But some "action" would be advisable in future models. Of course thieves can start to use a low-latency 5G network to reroute the signal from the bedroom to the guy inside the car. – usr-local-ΕΨΗΕΛΩΝ Jun 06 '21 at 22:54
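To make the first answer's point concrete, here is an added example (not code from the answer's author or from any vehicle or fob vendor) that simulates an RFC 4226 HOTP fob and a car-side verifier with the look-ahead resynchronisation window RFC 4226 recommends. It shows three things the answer describes: a code obtained while the car is out of earshot verifies fine when replayed later, a second code that the car never heard remains valid after the first one is accepted (the property RollJam relies on), and draining more codes than the window covers desynchronises a genuine fob. The shared key, the window size and the `Fob`/`Car` class names are constructed for the demo; the `hotp` function itself follows RFC 4226 and reproduces the RFC's test vectors.

```python
import hmac
import hashlib
import struct

# Constructed demo secret shared by fob and car; a real fob key is provisioned at manufacture.
DEMO_KEY = b"demo-fob-key-0001"


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Fob:
    """Transmits HOTP(key, counter) and advances its counter on every press (or request)."""

    def __init__(self, key: bytes):
        self.key, self.counter = key, 0

    def press(self) -> str:
        code = hotp(self.key, self.counter)
        self.counter += 1
        return code


class Car:
    """Verifier: accepts any code inside a look-ahead window and resynchronises to it."""

    def __init__(self, key: bytes, look_ahead: int = 16):
        self.key, self.counter, self.look_ahead = key, 0, look_ahead

    def receive(self, code: str) -> bool:
        for c in range(self.counter, self.counter + self.look_ahead):
            if hmac.compare_digest(hotp(self.key, c), code):
                self.counter = c + 1  # RFC 4226 resync: skip counters the car never heard
                return True
        return False  # outside the window (or wrong key): door stays locked


def out_of_range_replay() -> bool:
    """A code produced while the car cannot hear the fob is still valid when replayed later."""
    fob, car = Fob(DEMO_KEY), Car(DEMO_KEY)
    recorded = fob.press()        # obtained far from the car, e.g. requested from a passive fob
    return car.receive(recorded)  # nothing ties the code to time, place or this session


def unused_second_code_stays_valid() -> tuple:
    """Two presses the car never heard: delivering the first leaves the second inside the window."""
    fob, car = Fob(DEMO_KEY), Car(DEMO_KEY)
    first, second = fob.press(), fob.press()  # both absorbed before the car heard them
    accepted_first = car.receive(first)       # car moves on to counter 1
    later = car.receive(second)               # counter 1 is still ahead of the car: accepted
    return accepted_first, later


def counter_drift_dos() -> bool:
    """Draining more codes than the window covers leaves the legitimate fob unable to authenticate."""
    fob, car = Fob(DEMO_KEY), Car(DEMO_KEY)
    for _ in range(car.look_ahead + 1):
        fob.press()                  # each unanswered request advances the fob's counter
    return car.receive(fob.press())  # now beyond the window: rejected although the fob is genuine
```

The verifier only ever learns that the sender holds the key; it never learns when or where the code was produced, which is why a bigger window only trades the drift problem for a larger replay window. A challenge-response design, where the car picks a fresh nonce per session, removes the first two scenarios but, as the answer notes, not the relay scenario.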
18

The design flaw is not in the cryptographic binding between the prover (key) and verifier (car). It's in the communication channel. HOTP is a secure way to generate tokens, but it doesn't secure the channel. HOTP can only be used in keyfobs with remote locking/unlocking. NFC devices have an unfixable problem of relay attacks, on which attacks against keyfobs are based.

Modern cars use 3 types of keys:

Keyfob With Remote Locking/Unlocking & Push Button Start

Keyfobs use a rolling code to authorise the lock & unlock command. The car passively listens for the code and verifies whether it matches the expected future code. Manufacturers can actually use HOTP here, but it cannot be used for push button start. Push button start verifies the keyfob through challenge & response to detect keyfob presence. The car also periodically pings the keyfob to detect its presence while running and throws a warning if the keyfob is not detected. Keyfobs are vulnerable to the RollJam attack and the Signal Amplification Relay Attack (SARA).

In the RollJam attack, the relay jams & captures the 1st signal. The car owner, thinking it might have been missed, signals one more time. The relay jams & captures the 2nd signal and replays the 1st signal. Now the attacker has the unused 2nd signal to unlock the car. To start the car, the attacker uses SARA to amplify the challenge signal so it reaches the keyfob and relays the response back to the car. It's enough to start the car, but if the car stops, it won't start again without keyfob presence.

Keyless Entry Fobs & Push Button Start

Keyless entry fobs don't use a rolling code to lock/unlock the door. They use challenge-response entirely. Cars continuously emit a random challenge and listen for the keyless entry fob to produce a token over the challenge. As long as the keyless entry fob is in proximity, the door remains unlocked and the trunk can be opened with a button press.

It is also vulnerable to SARA. Car thieves have been caught using this attack to steal luxury cars. The only condition is that once the engine is started, it shouldn't be turned off after leaving the site.

Smart Card Keyless Entry & Push Button Start

Contactless smart card keys are relatively more secure because their passive power source limits the range of the prover to just 3-6 cm from the verifier. Beyond that range, the smart card cannot be powered, or the response from the card does not reach the verifier. The Tesla Model X comes with an NFC smart card key and a keyless entry fob as an accessory. It is the same concept as contactless payments.

Although SARA doesn't work on contactless smart cards because of the small range, the basic relay attack still works, e.g. the attacker just has to wave a relay around your pockets while it is connected to the other relay near the car over wifi, bluetooth or mobile data. This attack also works on contactless payments.

The only countermeasure against relays is a Distance Bounding Protocol (demo). With distance bounding, the relays have to keep the distance between the verifier and the prover under 6 metres if the latency tolerance is 20 nanoseconds. Only the verifier needs to have a clock for this. Distance bounding is actually part of the specification of EMV contactless cards, and only Mastercard is known to be using it. Car manufacturers need this to prevent relay attacks against keyless entry fobs and smart card keyless entry.

defalt
  • Now why don't cars require constant presence of the keyfob to keep running? As in, interrogate the fob every second while the engine runs, and if too many replies are missed in a row, make the dashboard show an alert like "Lost keyfob connection, pull over immediately, stopping engine in 30 seconds." That should thwart any relay attacks (unless the thief places one relay station near your house and another in the moving car, but that should be easy to take care of using distance bounding). – TooTea Jun 04 '21 at 10:24
  • @TooTea, that's likely because the manufacturers are aware of the consequences of wrongly triggering a shutdown. – Toby Speight Jun 04 '21 at 10:49
  • @TooTea It's a federal regulation. Cars are required to alert **Keyfob Not Detected** on the dashboard if the keyfob is missing or malfunctions so the driver can reach a safe point. – defalt Jun 04 '21 at 10:56
  • @TobySpeight It wouldn't be any worse than a wire from an ordinary ignition switch coming loose (or a million other issues that can make an engine quit all of a sudden). There would have to be a generous timeout to let you vacate a level crossing or the like. – TooTea Jun 04 '21 at 11:02
  • @TooTea Ford Interceptor police vehicles _do_ shut off if the fob goes out of range. As far as I have been able to determine, Ford only offers this feature to law enforcement. – Michael Hampton Jun 04 '21 at 12:51
  • @TooTea no, it is not. A wire coming loose (1) is not intentional and (2) still makes a manufacturer or a mechanic liable if something happens. Law enforcement people make a very specific (and forced) tradeoff between security and usability. And in contrast, some cars that save lives (fire engines and the like) are never locked and start with a button. – fraxinus Jun 04 '21 at 12:56
  • @TooTea, ever had a keyfob battery die? – Ben Jun 04 '21 at 13:25
  • @Ben Yes, but it wouldn't be hard to show a "low battery" indicator on the dashboard well in advance of the battery actually running dry. – TooTea Jun 04 '21 at 14:18
  • I'd like a "low battery indicator broken" indicator. – Andreas Jun 04 '21 at 23:15
  • @TooTea I took Ben's comment to refer to the fact that continuous (or every second) interrogation would make the battery drain a *lot* faster. – Michael Jun 04 '21 at 23:57
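The second answer's numbers (a 20 ns latency tolerance, about 6 m of extra path) follow directly from the speed of light, and the answer's remark that only the verifier needs a clock is what makes distance bounding practical for a passive card. The following is an added example, not defalt's code and not any real EMV or vehicle implementation: a simplified rapid-bit-exchange distance-bounding check in the style of Brands and Chaum, with the round-trip timing simulated arithmetically rather than read from a real clock. The prover's per-round turnaround constant, the key and the `Prover`/`Verifier` names are constructed assumptions; a relay is modelled as extra physical path plus any latency its electronics add.

```python
import hmac
import hashlib
import os

C = 299_792_458.0     # speed of light in m/s; no relay can make an RF bit travel faster
TURNAROUND_S = 1e-9   # assumed constant prover processing delay per round (constructed value)
ROUNDS = 32           # single-bit challenge/response rounds per authentication


def max_extra_path_m(tolerance_s: float) -> float:
    """Extra round-trip signal path a timing tolerance lets through: c * tolerance.

    20 ns gives about 6 m in total, i.e. about 3 m of added one-way distance.
    """
    return C * tolerance_s


def simulated_rtt_s(one_way_path_m: float, relay_latency_s: float = 0.0) -> float:
    """Round-trip time of one round over the given physical path (simulated, no real clock)."""
    return 2 * one_way_path_m / C + TURNAROUND_S + relay_latency_s


class Prover:
    """Key/card side. Precomputes two response registers from the shared key and a nonce so
    that each round's reply is a single register lookup and takes a constant TURNAROUND_S."""

    def __init__(self, key: bytes):
        self.key = key

    def commit(self, nonce: bytes) -> None:
        d = hmac.new(self.key, nonce, hashlib.sha256).digest()
        self.registers = (d[:16], d[16:])  # r0 answers challenge bit 0, r1 answers bit 1

    def answer(self, i: int, challenge_bit: int) -> int:
        reg = self.registers[challenge_bit]
        return (reg[i // 8] >> (i % 8)) & 1


class Verifier:
    """Car side: keeps the only clock. Checks every response bit against its own registers and
    rejects the exchange if any round's RTT exceeds the prover turnaround plus the tolerance."""

    def __init__(self, key: bytes, tolerance_s: float = 20e-9):
        self.reference = Prover(key)
        self.tolerance_s = tolerance_s

    def authenticate(self, prover: Prover, one_way_path_m: float,
                     relay_latency_s: float = 0.0) -> bool:
        nonce = os.urandom(16)          # fresh per session: responses cannot be precomputed
        self.reference.commit(nonce)
        prover.commit(nonce)
        deadline_s = TURNAROUND_S + self.tolerance_s
        for i in range(ROUNDS):
            bit = os.urandom(1)[0] & 1  # unpredictable challenge bit, sent one at a time
            if simulated_rtt_s(one_way_path_m, relay_latency_s) > deadline_s:
                return False            # reply arrived too late: too far away or relayed
            if prover.answer(i, bit) != self.reference.answer(i, bit):
                return False            # wrong key: the response bit does not match
        return True
```

With the 20 ns tolerance, a card 5 cm or even 2 m from the reader passes (an extra 4 m of round-trip path costs about 13 ns), while a relay that stretches the one-way path to 10 m adds about 67 ns and is rejected before its electronics have added a single nanosecond of their own. Each challenge bit is unpredictable and answered in one round, so a relay cannot buy back the lost time by asking the card early.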