Tons of the rolling key systems on the market are based on KeeLoq, and KeeLoq is a fairly well designed system with a big linchpin.
It has something called a 'manufacturer key', which needs to be available to any device that allows field pairing of remotes. If that manufacturer key is known, it only takes two samples from an authenticator to determine the sequence key.
Absent the manufacturer key, jamming+replay attacks work, but brute forcing a sequence key is generally prohibitively costly.
However, since any receiver that supports field programming needs the magic "manufacturer key", one could purchase such a unit, and may be able to extract said key.
They could've designed a system that doesn't require a fixed secret master key, but instead generates a unique random key for each receiver and requires a physical connection between the fob and the receiver (located inside the locked part of the car) to pair them. Of course such a generic system would be against manufacturers' interests in controlling the repair and aftermarket industry.
As long as you have two-way wireless communication (which any keyless entry/start system does), then you can simply do a Diffie-Hellman key exchange during the pairing process.
Diffie-Hellman is designed for exactly this use case, allowing two parties to derive a shared secret key over a public channel without exposing it.
That allows the conversation to proceed in secret from listeners, but it provides no authentication to ensure that only legitimate parties are involved. The reason for physical contact is to "prove" that you are legitimately in control of the vehicle, not a random passerby.
Physical possession isn't enough to prove someone is legitimately in control of the vehicle, though. If a physical connection under the dash will hand out the key, you can bust the window, and get the key.
Part of the utility of the baked-in manufacturer key is that it is unable to be extracted by thieves.
It works well enough to just require some action to be taken on both ends. Push a button on the opener (or an already-paired remote), then pair the remote while the opener is in the pairing state. It’s possible for a passerby to intercept, but they’d have to have very good timing.
Pressing a button on the opener is physical contact. That's the entire idea that the OP was trying to relay, that you need some physical way to prove that you're eligible to pair. Not that the key itself had to be hard-wired for the process to proceed.
I'm not sure you should be that concerned about man-in-the-middle attacks.
If someone does successfully MITM while walking by, the key is going to stop working as soon as they are out of range, and you will notice.
I'm just wanting a system that could be implemented with the hardware that's already there. I guess you could use the RFID chip that most keyless start cars already have as a secondary channel. Still not 100% secure, but the MITM device would need to be physically in your car to intercept the pairing request, and at that point you have bigger problems.
Sorry, I didn't mean to make it sound like the problem was MITM. The issue is initiating a pairing request: you can't allow just any key to request it, as that allows bad actors to pair a key with your car.
While I worry that it's not really secure enough, the OP was suggesting that physical contact is a way to "prove" that you are indeed eligible to pair, by excluding everyone who lacks physical contact.
Modern cars already have a complex sequence to enter pairing mode.
You need to press buttons inside the car, buttons on the currently paired key (to prove possession of that) and buttons on the key you want to pair with.
So a passer-by would have to press a button on their fob at just the right moment. Then when you go to test your new key fob, it wouldn't work, so you would pair again until it was your key that was paired.
Yeah, it's the same for garage door openers today. I took the OP simply to be saying that physical access of some type needs to be available (ie. to stop anyone initiating a pairing). Some cars require the key to be physically inserted into the ignition switch, which requires the key to be correctly cut to match the car, before pairing; which is a nice extra hurdle to stop thieves quickly pairing after they break into your car.
Whatever the case, making it easier to pair shouldn't be the primary focus; no need to help a thief do it quickly. It would just be nice to have a way to do it that didn't ultimately require the manufacturer to get involved; but that does remove a big hurdle for thieves, too.
I promise there is not an OBD2 port inside the headlights of cars.
There is CANBUS to the headlights, but that is not an OBD2 port. And more securely designed cars can put that in a less secure zone, so it can only send and receive commands for exterior things like lights, and not be able to have commands for keys injected, because that bus will not accept those commands.
In theory, but since this attack has to happen at the time of pairing and leaves evidence--the key you are trying to pair doesn't work afterward--I don't think this is a realistic concern.
>In theory, but since this attack has to happen at the time of pairing and leaves evidence--the key you are trying to pair doesn't work afterward-
You're assuming the goal is to discreetly enter the vehicle and leave no trace. If we consider the Kia challenge [https://en.wikipedia.org/wiki/Kia_Challenge] then the goal is to take possession of the vehicle in an immediate and opportunistic fashion. If the possession fails and the key FOB now stops working, whatever, not the thief's care. If the possession works, now there's a sweet car to abuse. Or, in the case of a crime syndicate, a sweet car to take to the chop shop.
This type of attack is not to mention a simple relay attack. If radio waves of a home (say near the front door, where the keys are stored) are relayed to another location (the car, 30 feet away), then the exact crypto and protocol is irrelevant, the car "sees" the real life actual FOB as nearby. That's another attack used in the wild.
I think you're overcomplicating it. The primary purpose of field programming is manufacturing logistics. Produce a billion identical devices with identical firmware, and then pair the key once to the car.
So it just needs to block rewrites, and the risk of any security barrier breach is negligible since it's done in factory.
I think this is technically correct but a bit confusing, since "pairing" processes usually require user actions at both ends. A keyhole that reprograms to any key from the outside makes little sense.
Given how bad the "single master key" idea is, even a simple update like "transmit secret key in the open, but with reduced power, during pairing mode" would be a great improvement.
It'd instantly mean there is 0% chance of someone figuring the key based on day-to-day operation.
>If that manufacturer key is known, it only takes two samples from an authenticator to determine the sequence key.
Not if a seed of appropriate length is used. Though I don't know how common that is; back in 2008 the authors noted that "We would like to mention that none of the real-world KeeLoq systems we analyzed used any seed" (https://www.iacr.org/archive/crypto2008/51570204/51570204.pd..., section 4.3)
This is why keyless "start button" functions on cars are a bad idea.
The old approach of keyfob to unlock the car and a real key for the ignition is safer.
Having multiple levels of security is good.
However, having worked in the car security industry many years ago, I discovered that car manufacturers actually like it when their customers' cars are stolen - insurance payouts often result in another sale.
As far as I know no vehicles use this kind of rolling code algorithm for push button start, only key fob functions. Certainly not in Europe (due to immobilizer regulations) but I don’t believe anywhere else either.
Generally, long range key fob button functions and the short range start release functions are separated, both intentionally for security reasons and due to the different problem space occupied by each.
It’s also worth noting that European makes in general tend to have much better cryptographic key security. My understanding is that this is due to a combination of regulation, a relationship between insurance and automakers which requires some security standard, and a high rate of theft leading to an adversarial environment.
From a quick skim through the text, it seems to define what an immobiliser is, how it should work, and how it can be advertised on a car.
I don't see anything in there about them being mandatory across the EU. I know some member states passed laws mandating them before that document was published. Perhaps I got the wrong document.
Also take a look at 74/61/EEC. Some form of “immobilizer” has been required in Europe since 1998, and between actual ECE/UN directives and insurance partnerships, the standard increases every few years.
> Generally, long range key fob button functions and the short range start release functions are separated, both intentionally for security reasons and due to the different problem space occupied by each.
I don’t think this is true. For instance, how does the key fob trigger a start sequence for vehicles equipped with remote start? They must be connected to the same CANBUS, so the key fob can interface with the start systems. This is also how a lot of vehicles are stolen, because of abuse/misuse of CANBUS (i.e. headlights being addressable in CANBUS).
Yes, remote start breaks the model… which is why drive off release and remote start are separate systems. On modern European cars with automatic transmissions, the TCU will not release Park until the immobilizer (short range, challenge response) is released, and generally the ECU also limits torque request and vehicle speed.
> This is also how a lot of vehicles are stolen, because of abuse/misuse of CANBUS
On vehicles with poor cryptography architecture (Honda!), yes. On most other vehicles, no, because the immobilizer messages are cryptographically authenticated, usually by using an AES MAC where the key must encrypt random bytes transmitted by the immobilizer master using a shared AES key, and all participating immobilizer modules use a similar system to verify that every module shares the same secret material. Now of course if this secret material can be extracted the system breaks (see XHorse, Abrites, etc.) but this usually requires invasive and time consuming attacks far beyond the headlight thing (for example, removing and physically opening a control unit to use an exploit to dump its key material).
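The challenge-response exchange described in the comment above (master sends random bytes, the key module returns a MAC under the shared secret, the master verifies), written out as an added illustration that is not any vehicle's actual protocol. The comment describes an AES-based MAC; this uses HMAC-SHA256 from the Python standard library as a stand-in so it runs without third-party packages, and the 8-byte challenge, 8-byte tag and 16-byte key are assumptions.

```python
import hashlib
import hmac
import secrets

CHALLENGE_LEN = 8   # assumed nonce size sent by the immobilizer master
TAG_LEN = 8         # assumed truncated MAC length returned by the key module


def mac(shared_key: bytes, challenge: bytes) -> bytes:
    """Stand-in for the AES MAC in the thread: HMAC-SHA256, truncated."""
    return hmac.new(shared_key, challenge, hashlib.sha256).digest()[:TAG_LEN]


class KeyModule:
    """Side holding the shared secret; answers whatever challenge it is sent."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key

    def respond(self, challenge: bytes) -> bytes:
        return mac(self._key, challenge)


class ImmobilizerMaster:
    """Side that issues a fresh random challenge and checks the answer."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._pending = None  # the one outstanding challenge, if any

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(CHALLENGE_LEN)
        return self._pending

    def verify(self, response: bytes) -> bool:
        if self._pending is None:
            return False
        expected = mac(self._key, self._pending)
        self._pending = None  # each challenge is usable exactly once
        return hmac.compare_digest(expected, response)


def authenticate(master: ImmobilizerMaster, key_module: KeyModule) -> bool:
    """One full exchange: challenge out, response back, verdict."""
    return master.verify(key_module.respond(master.challenge()))


def replayed_response_is_rejected(shared_key: bytes) -> bool:
    """A recorded valid answer does not satisfy a later, fresh challenge."""
    master = ImmobilizerMaster(shared_key)
    module = KeyModule(shared_key)
    recorded = module.respond(master.challenge())
    first_ok = master.verify(recorded)
    master.challenge()  # new random bytes; the old answer no longer matches
    return first_ok and not master.verify(recorded)


def wrong_key_is_rejected(shared_key: bytes, other_key: bytes) -> bool:
    """A module that does not share the secret fails the exchange."""
    return not authenticate(ImmobilizerMaster(shared_key), KeyModule(other_key))


if __name__ == "__main__":
    k = secrets.token_bytes(16)  # constructed shared secret
    print("genuine module:", authenticate(ImmobilizerMaster(k), KeyModule(k)))
    print("replay rejected:", replayed_response_is_rejected(k))
    print("wrong key rejected:", wrong_key_is_rejected(k, secrets.token_bytes(16)))
```

The comment's point that everything hinges on the secret staying inside the module is visible here: nothing on the wire reveals the key, so the exchange only fails if the key material itself is extracted.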
Pretty short-sighted, given how much we've seen insurance rates climb for specific makes. People know you'll be paying through the nose for certain Hyundai models. That kind of brand damage can't be cheap.
Sure, but in my experience, people never attribute high insurance costs to the underlying risks being high, rather they blame that on the insurance companies and then vote for people who promise to “do something about it“.
I’m sure there is brand damage from people hearing that a particular car is frequently stolen, because having your car stolen is a pain. I am skeptical the analysis reaches deeper than this first level though.
I don't think high insurance costs would result in brand damage as such. But it absolutely would result in reduced sales and/or reduced resale value, because sufficiently many people comparing which car to buy will look at the insurance cost for each particular car they are comparing as part of that decision.
I agree that if sufficiently many people consider insurance costs in the buying decision, then a high theft rate will reduce sales. I guess I am just wondering whether or not most people actually do that. It’s been a while since I bought a car, but my impression was that many (most?) people just buy based on the biweekly payment, and everything else from depreciation to gas to insurance is an afterthought.
Note those Hyundais relied on old-fashioned cut keys and not electronic transponders, and the solution was electronic transponders because the old-style stuff was so trivially bypassed.
Yeah, something about immobilizers on push starts being better than the key, since they can just jam a USB/screwdriver in there and steal the car, Kia boys.
>The old approach of keyfob to unlock the car and a real key for the ignition is safer.
"Safe" feels like the wrong word to use here. Safety is not the same as security.
One could also argue that criminals being able to steal parked cars is safer overall for society, as they then don't feel the need to carjack you while you are actually in the vehicle.
If you actually want to keep your car secure (meaning criminals won't break into it or steal it, in this context), just drive an old beater and do not leave anything valuable in the car or trunk. I am driving a car that is nearly as old as I am, it's fighting a losing battle against rust, and I have nothing more valuable than trash inside the car.
> One could also argue that criminals being able to steal parked cars is safer overall for society as they then don't feel the need to carjack you while you are actually in the vehicle.
Here in the UK vehicle theft reached an all-time low in 2014. It’s doubled since then. If there was an increase in carjacking it must have been minuscule by comparison. It’s not really a crime that happens here.
I had an old beater van that got stolen. It turned out that model was known to be easy to steal. I suspect most car theft is done because it’s easy and fairly low risk. Walk up to a car in the night, fiddle around for a few minutes and drive off.
I still drive a car with a key. It’s completely fine. Who actually asked for keyless entry?
Me. I have problems with short-term memory and I kept forgetting my keys in the ignition.
This isn’t due to laziness or lack of trying. It’s a hardware problem that makes developing or following habits in certain situations nearly impossible. It’s like asking a blind man to organize things by color.
Now that I don’t have to take my keys out of my pocket, I’ve never left them in my car.
There is no reason why keyless entry cannot be more secure than a physical key, other than incompetence.
The cars stolen in New Zealand are usually, as you say, cars that are known to be easy to enter and drive away. Even then, they break a window. But I have also heard of break-ins at night targeting certain high-end cars and going as far as gaining entry to a garage.
> There is no reason why keyless entry cannot be more secure than a physical key, other than incompetence.
Isn't the problem that it's designed to work from a distance, and that by boosting the signal the criminals can just increase the distance so that the key inside your house reaches the car? It seems inherently less secure than the old system where the physical key has to be practically touching the ignition to disable the immobiliser.
More modern implementations of this use a time of flight check, so unless you have the ability to violate the laws of physics, boosting the signal so that a far away key transmits its signal to a nearby car is insufficient to unlock/start the car.
Are there many car keys actually using time of flight in the fob? Most of the cars I’ve owned use a much simpler approach - the key sleeps (stops broadcasting) unless moved. Drives me nuts with some fobs which have to be vigorously shaken to start broadcasting again and open my car etc. if key isn’t broadcasting, it can’t be mitm’d.
It’s been a while, but I seem to recall time of flight being patent-encumbered vs sleeping the key.
This obviously isn’t 100 percent foolproof but likely works well enough for preventing many common MITM scenarios, such as stealing from a car park or driveway, most of the time.
No idea on actual implementation, but the UWB keys these days all seem to be capable of it. Plenty of manufacturers advertise the capability, e.g., Bosch.
> But stealing connected car doesn't make much sense to me.
How so? Even if you know the location you need someone with jurisdiction to go get it. You disable vehicle, then it gets destroyed.
EVs are entirely different designs than an ICE vehicle, and Tesla in particular is moving beyond the flawed CANBUS to something more robust and secure.
> I have also heard of break-ins at night targeting certain high-end cars and going as far as gaining entry to a garage
My next door neighbour had someone enter their home while they slept, take the key and drive off in their car, because it was "stolen to order" most likely.
I couldn't give a shit if someone breaks in to my garage, or frankly if the car is stolen, but I don't want them coming into my house where my family is asleep for the keys.
What happens if the keys weren't downstairs by the front door, because I left them on the bedside table or something?
I'm not sure what you are saying here. Are you saying cars should be easier to steal so that no one ever breaks into your house to access the keys to your car?
Hi! It me. I had a car with keyless entry years ago. It was great. I got another car, more recently, that had a physical key. I've hated having to use the physical key. I personally am asking for keyless entry. Sorry!
Also: Hyundai/Kia cars have physical keys and are known to be trivially hot-wired. Given the "kia boyz" I'd have a hard time moving to physical keys again. Again, sorry!
Time to get a Flipper Zero. Realistically there is no reason some Android maker couldn't roll out a phone with keyless entry support (with or without OEM blessing, heh).
Old beaters are exactly the things that get stolen. Their security can often be beaten with a butter knife or coat hanger. That's more about minimizing the losses, for which it's a useful approach. Running costs tend to be lower as there's little purchase price and no incentive to do expensive repairs instead of dumping a broken one for another running beater.
If someone wants to steal the car, they will steal it.
Stealing a car is not the same as stealing a candy. In Europe all parts are marked so it takes significant effort to sell or modify such cars. It's not like people steal them and then sell it at yard sales.
As for the "beaters": shortly after the Russian invasion of Ukraine, plenty of cars were stolen in Poland. Not the expensive kind, but usually 10-30 year old cars with big and reliable engines (V6, V8). I know 6 people who had Jeep Grand Cherokees stolen (different generations).
My uncle wanted to renovate an Isuzu Rodeo with a completely rusty frame but a V6 engine worth like 300€, and it was stolen too.
> In Europe all parts are marked so it takes significant effort to sell or modify such cars. It's not like people steal them and then sell it at yard sales.
This is the same in the US, at least for the expensive parts. They won’t part it out or even sell it in your country, it gets shipped out to another country where your laws don’t apply.
I'm probably completely missing the (presumably relatively common) scenarios you have in mind where stolen cars are used for violent crimes. (I'm assuming reckless joyriding isn't what you're referring to as "violent crime"; maybe that's my issue)
If you want to go commit a violent crime, have motorized transport, and not be caught, then it is helpful to have a vehicle that is not tied to you.
> I'm assuming reckless joyriding isn't what you're referring to as "violent crime"
It is, and worse. There have been numerous cases of scumbag teenagers stealing cars and then crashing them into people, mostly by accident but often enough on purpose. They also use the cars for gangbanging shit since they know the car can't be traced back to them.
A lot of this stuff wouldn't be happening if cars weren't so easy to steal. There is a casual accessibility to stealing certain cars which makes it an easier crime to commit than carjacking (parked cars aren't witnesses, parked cars won't fight back or pull a gun of their own, parked cars won't try to run you over, etc.) Once the car is stolen, other impromptu violence seems and becomes easier.
Where I live, the ability of the "Kia Boys" to easily steal cars really boosts their effectiveness at robbing people at gunpoint. Sprees of 20 people being robbed by the same group. It's not poor kids who lack school transportation options, doing their best to get by.
Strong disagree. Many car thefts are by POS teenagers who do it because it's easy and they can get away with it. They then proceed to drive those cars recklessly, endangering the lives of other people, or worse, use the sense of anonymity and power provided by the stolen car to commit violent crimes.
One could also argue that most people didn't bother because violent crimes are much more severely punished; now that the bar is so low, people steal much more. And the stats would back it up.
I'm currently driving a rental which has this feature and I can't stand it. There is no added value and this feature exists solely to appeal to people who think it's "cool". (They must exist, right?) I guess you get used to it with time but I find myself constantly having to throw the key back into the car so I can do things like exit momentarily and keep the air conditioning going. I also don't trust that the car won't then lock itself with the key and my child inside, so I also have to remember to roll down the window.
Unwarranted worries. I keep the fob in my pocket all the time; the car will keep running without the fob. Also, usually these systems have in-car fob detection. Mine will refuse to lock if it senses the fob is inside the car.
It won't let you press the button on the handle to lock it if the key is inside and you're not, which prevents you from locking the keys in the car. Mine does the same: the car will beep 3 times if I try to lock it from outside while the key is inside.
If you're also inside, you just press the lock button in the car and it'll lock just fine.
Thanks for the clarification. Wild to me I didn't know this external lock button was a thing (my car's 16 years old... but I drive a rental a couple times/year...).
There's a huge value feature, I can keep the "key" in my pocket or bag or whatever and I don't have to fetch it out. Plus the "key" can be a phone or other device.
Adding in a stick of metal that can be trivially bypassed does nothing to make the car more secure.
Automotive ignitions, barring a few stupid setups in the 90s like the Jeep XJ (which was laughably easy to steal, but it was Chrysler and AMC so you can just expect certain levels of incompetence and shit design), have been much more than just a simple cut key. Going back to even the 80s, GM had a mostly excellent simple theft deterrent in the keys (a special resistor whose value the ECM knew, called Passkey) that made it harder than just brute forcing the ignition cylinder. It honestly made stealing someone's third-gen or Corvette a lot harder. Keys with things like fobs have evolved since, and on a car with a real key made since the vast majority of this site's userbase was probably born, it is going to take some real specific smarts and work if you need both a physical key and whatever additional security the manufacturer has cooked into the fob. You really need an immobilizer system that requires both a transponder and a correctly cut key for the security on the car to be decent.
Tumblers can be trivially bypassed or broken. The only thing providing real security in your examples are the transponders. The cut keys are worthless.
If you get rid of the transponder, it has weak security. If you get rid of the cut key, you have pretty much the same security.
> Adding in a stick of metal that can be trivially bypassed does nothing to make the car more secure.
Everyone can use a Flipper Zero to unlock a car. Not everyone can hotwire a car. Keyless ignition means criminals have a vastly larger recruitment pool of people they can offer money to do something stupid (like stealing a car for them).
> Everyone can use a Flipper Zero to unlock a car. Not everyone can hotwire a car.
You live in a tech bubble if you really think this is the case. Attacking a lock cylinder is a much lower-skill attack than a cryptographic attack. Recent car theft epidemics have shown this, e.g. #kiaboys.
It’s convenient. If I want to keep the AC on when I exit, I push the button for that before I get out.
It’s especially nice when the key is my phone. I never have to worry about keys. I just get in my car and drive, and when I arrive I get out. I keep a key card in my wallet as a backup in case my phone explodes.
As a DIY option, there are definitely ways you could add MFA-like security with a simple switch/relay (attached to said authentication factor) in most ignition systems.
However, that wouldn't help with the "desyncing" or unlocking aspects of this attack.
I had a used VW GTI (late last century) with an immobilizer. It let the engine crank but wouldn’t start. It also locked the hood from opening, leading to some panic when first getting the car and forgetting it had this feature.
Disagree, if you mean a simple cut key. A screwdriver defeats it.
OK, if you mean a key that has a chip embedded, where the key cuts are just window dressing and the real magic is still in cryptographic proof of "something you have": I am not aware of any such key ever being produced, but I certainly do not have comprehensive knowledge. GM had something close to that.
Immobilizers (which lock out the engine until there's been some authorization from another device, i.e. from a chip in the key) have been mandatory in cars in the UK at least (and I would presume Europe on similar time scales) for almost 30 years (from 1998). Seems they've been sold in cars for a few years longer than that (from 1992). According to: https://www.carwow.co.uk/guides/glossary/what-is-a-car-immob....
Maybe never introduced into the US market? Would find that hard to believe.
Immobilizers that use a chip in a physical key are, to the best of my knowledge, all simple clonable protocols. The predecessor to a code was a simple resistor.
I specifically meant a kind that uses private key crypto. We absolutely could have that today, but we've moved on to fobs.
Please correct me if I'm wrong ... I haven't studied it that extensively.
Early immobilizers were just resistors, yes. (e.g. GM VATS) However, later "chipped keys" do use strong crypto over short-range wireless.
The "fobs" in modern push-to-start cars actually have two separate radios in them. The one that this article is about is the long-range keyless entry radio, which primarily opens the doors. These all have separate short-range wireless radios that work inside of the car to authenticate the key before you can press the push-to-start button. That is unaffected by this hack.
I’m pretty sure most cars in the later key era used some sort of chip verification on ignition for the key. It wasn’t just a physical thing. Given it was 15 years ago, I don’t know how cryptographic the proof was - perhaps it was just reading a number from the key. But the hyper short range nature of it made it quite secure.
I think the early 90s gm keys with the chip were just resistors in the key body. They stop reading over time but you can splice in the correct value to bypass
I've never seen anything but problems with keyless ignitions. It really seems like a solution in search of a problem no one actually had, and makes the car much more irritating. I guess it's in line with the whole remove real controls and buttons crap because "muh software", "muh reprogrammable interfaces" etc that certain nerds think is a good idea for who knows what reason.
I've only ever personally seen failures with keyed ignitions. They are subject to physical wear. This is a problem solved by keyless ignitions which have zero physical wear parts.
I sometimes imagine how much of this could be avoided if the communication signals weren't (a) broadcast or (b) imperceptible to humans.
If it were an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.
If the signals were audible sound, you'd know when someone was jamming it.
In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.
> If it were an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.
You could even take it a step further for extra safety: the door handle could have a slot that requires a specifically shaped piece of metal to be inserted. Only a piece of metal with the correct shape would allow the lock to be opened.
>If the signals were audible sound, you'd know when someone was jamming it.
This would be very popular in East Asia. They love everything that beeps. Rice cookers play a melody, pedestrian crossings play a melody, garbage trucks play a melody. Japan is the country of beeps.
> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.
Yep, that's the simplest fix. Key is required in the door to open/unlock.
You'd think too that a firmware update to the car could enable that behavior. I mean most cars still have a physical lock on at least the driver's side door as a "back door" to getting into the car if the fob is non-operational.
The problem is that the overwhelming majority of cars are effectively abandonware on this metric.
This is exactly the benefit of the free software, and why having your own ability to fix, recompile and reinstall the software, is essential, even on things such as cars where you may think it's not needed or is too complex to handle.
> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.
Wouldn't the risk be the same if the same rolling code keys were used for both locking and unlocking?
I would be surprised if automotive manufacturers used separate rolling code keys for locking and unlocking.
> Wouldn't the risk be the same if the same rolling code keys were used for both locking and unlocking?
Yes, what I meant is that such symmetry is not strictly required, and breaking the symmetry opens up ways to enhance security (of unlocking when you arrive) while keeping most of the convenience (of locking while leaving.)
For example, imagine "Lock" is a typical broadcast from anywhere within X meters, but "Unlock" requires touching the fob to an infrared port, and they use independent codes.
Peugeot used to have infrared keys. Several people who thought their central locking was glitchy have been surprised to learn that pointing the key at the side window makes it work every time.
From the comment under the article and the link to the YouTube video, the firmware seems to be called “Flipper Zero Unleashed”. Seemingly available via Telegram.
Assuming it doesn't do anything else magical, I don't see much point in dignifying it with a web hit, let alone finding out its name.
It's odd to throw in the dark web, thousand dollar firmware bit when third-party firmwares are developed in the open and have long ago already implemented KeeLoq, but I guess they aim for sensationalism and shock value.
So to follow up on my misconceptions, the RollBack attack it is based on is now implemented on underground firmwares and is what is novel. The research itself too is fairly novel and was published in 2022, capable (at least, on paper) of rolling back the cipher state on the receiver, preventing de-sync (and is the crux of why this submission is amazing).
The prior RollJam that I thought this was dates back to Samy's 2015 findings. It turns out 2015's RollJam (unlike RollBack) requires active interference and seems to necessitate the attacker being in the vicinity of both the remote and the receiver.
Governments are not so enamored with the "just posting code" defense, especially anymore. Look at the recent Roman Storm case or what happened with DeCSS back in the day.
Roman Storm didn't "just post code." He created, and profited from, a service used by criminals (including the North Korean government!) to launder stolen money.
Of course Storm argues that Tornado Cash is decentralized, but you can't just start a mafia branch, hand out free shares at the mall, and then claim that you actually didn't commit any crimes because you have 10,000 other voting shareholders.
Publishing a contract is basically just posting code. You are saying the primary distinction is the governance token and thus financial benefits accruing to the dev?
Unfortunately that video is lots of talking and little substance, so it's hard to properly evaluate it. From the little info shown there it just looks like a nice repackaging of the old rolling flaws (https://github.com/jamisonderek/flipper-zero-tutorials/tree/...)
Depends on the implementation. Most times you just have to click it a few times in a row. The receiver then realizes it missed a few button presses and it re-syncs. I’m not sure what that window is though, at some point it might get so out of sync that the receiver ignores it and assumes it is a wrong fob.
If I remember correctly the size of the rolling window differs; more modern vehicles may allow a discrepancy of about 100 codes before ignoring the transmitter, while old models might have been 5 to 10.
> For this new attack to work, all that is needed is a single button-press capture from the keyfob, without any jamming. Just from that single capture, it is able to emulate all the keyfob's functions, including lock, unlock, and unlock trunk.
If I don't press the buttons on my keyfob am I safe from this?
The only keyfob functionality I normally use is that when it is outside the car but within about a meter of the door handle the door can be locked or unlocked by pressing a button on the door handle.
If you keep your car key close enough to your front door, it's possible to relay the signal that the key is constantly broadcasting closer to the car, allowing an attacker to hit the button on the handle and unlock it without possessing the key.
As I understand there's still challenge/response stuff going on when you use a physical key or similar means to unlock the car or start the ignition (as that is how the alarm system and immobiliser distinguish a real key from someone picking the lock or hotwiring the car).
I don't know the details of the attack in the article, but my speculation would be that it would be vulnerable.
If the attack causes the original key to no longer work, imo the major threat vector is someone sitting in a parking lot, capturing key presses, performing the attack, and forcing the user to tow and re-program the key as a nuisance, rather than stealing the vehicle.
On what car do you _need_ the remote to enter and drive the car (with a tow being the only alternative to e.g. the remote battery dying)? In all cars I have used, you could just use the physical key if the remote failed.
My wife certainly doesn't know how to unlock and start the car without the "keyless" function. Every time the fob runs out of battery, she needs step-by-step instructions, otherwise she's stuck there. She uses and sometimes programs SQL and API calls at work, but knows next to nothing about cars.
Even more nefarious is preventing the victim from using their vehicle as a refuge or escape from a dangerous situation such as an attempted murder or kidnapping.
Might make for a good movie plot -- but if someone is putting that much thought into premeditating a murder, there's a lot more straightforward ways to trap someone other than elaborate hacking scenarios.
I guess this attack is against the KeeLoq protocol. There is no known total breakage of this kind AFAIK, against the cryptography implemented in the chip. This will be interesting to understand, I mean: what they are exactly doing here.
You jest but there's no reason to stick with twenty year old component restrictions in a car that costs forty grand.
The real cost will be in the software validation and road safety hardening, but there's no reason why the ROM size should be limited to kilobytes.
You can implement full passkey cryptography on a basic esp32 (https://github.com/polhenarejos/pico-fido). Cut out the cruft and you can definitely get a similarly secure algorithm on an actual car key or key receiver.
And honestly, with cars now unlocking over Bluetooth and WiFi, standardising that process to something like FIDO wouldn't even be that awful of an idea. It certainly beats the "we can do cryptography at home" many car manufacturers seem to be going for.
ESP32 won't work 5 years from cell battery. My Dacia key does. Embedded hardware is limited not just because someone wants to save bytes, but because someone wants to save joules (and PCB size).
For the past 20 or 30 years, my insurer made car theft insurance conditional on having an immobilizer device installed that requires code entry through a physical keyboard.
And there were a few years this seemed onerous, but most of the time, there were popular attacks in use by car thieves that were prevented (or at least made much longer and more complicated) by this.
The article mentions these manufacturers as being vulnerable:
Chrysler, Dodge, Fiat, Ford, Hyundai, Jeep, Kia, Mitsubishi and Subaru
I’m curious why these and not some other major manufacturers like:
* Chevrolet
* Toyota
* Honda
* Nissan
* GMC
Does anyone have additional insights? Perhaps they just haven’t tested enough manufacturers yet? Or perhaps some manufacturers use a different technology that isn’t vulnerable to this type of attack?
Automakers typically buy keyless entry systems from third party automotive electronics suppliers. The list in this article is likely all using the same system from the same supplier.
Kind of insane that this works... Surely whoever implemented this knew it was insecure? I honestly wouldn't have thought to check for this vulnerability because... who would do that??
I don't think the word "secure" was ever part of the discussion on keyless entry for cars. They would have used something like "convenience". Secure would maybe be considered in that the car doors are now locked from the keyless. But as far as "secure" being used in regards to the transmission/receiving of the wireless signal? I doubt if it was ever mentioned by anyone other than PR.
It definitely was because they used to not even use rolling codes. Rolling codes were specifically created to prevent replay attacks, and then they somehow thought "oh but if you replay two keys we'll accept them". Insane. They must have just hoped nobody would even think to try that because it's so ludicrous.
Car manufacturers are like automation/control manufacturers; they existed before cybersecurity and never caught up to the pace. If you ever audited any SCADA system, you will see nightmares. For cars, some new models of popular brands (not specifying any), you can access the CANbus from the headlight where you can reprogram the ECM to your new key. It's that simple to "own" a modern car.
Currently sitting in a control room at a greenfield manufacturing facility trying to describe why even VLANning the control network would be a good idea to some controls engineers who want a plant-wide subnet for all PLCs that will be remotely supported by 6 different vendors. The struggle is real
On the other hand, it's been a great excuse for a hobby project with 12V relays and learning how to write code for an ESP32. :P
I still haven't yet figured out which CAN-bus to tap and which undocumented byte-messages to interpret... but entering the Konami Code on the steering wheel to unlock the ignition is quite plausible. Or an NFC/RFID tag over a hidden reader, or an active bluetooth connection to my phone, etc.
Whatever the case, quite enough to stop the average thief that would target a cheaper vehicle like my own. You could also skip the ESP32, and have a purely analog switch tucked away.
Needing two keys for a third one is not new. My 25 year old car needs two keys for adding the third, and old Fiats had "red master" keys which are also required when adding keys.
Honda/Acura/Toyota have used similar systems for years; this is one of the reasons why cloning a key costs fewer flagged hours than making a new one for an owner that lost all of them: when you lose all of them you need to get the actual computer out and pair it with the ECM directly, when you clone them there is a ritual that can be done with the other keys plus the new one.
That's common, and it's often a bit stricter. E.g. my Ford Lightning has a pocket you have to put the fob into for this kind of activity. For certain things you need both fobs, so you do one, and then the other, as part of a sequence in the programming. Just being in range isn't good enough.
Proper security is a total pain in the ass, and makes things nigh impossible to use in the manner people want to use them. This naturally makes things more expensive to recover from oopsies.
This is why YubiKeys will only ever work for people technical enough to understand them. Normies will lose it at the first chance, and then be locked out of everything. At that point, YubiKeys will be banned by Congress from all of the people writing in demanding something be done about their own inabilities to not be an ID10T.
As far as car security is affected, "normies" really don't care what the algorithm is. The entire UX is "press button to open car, go to dealership if you need new key" and it allows a wide variety of choices re algorithms.
The only reason they use KeeLoq (with a whopping 32 bits of security!) instead of something normal, like I dunno, AES-128 or something, is because they are trying to save $0.50 in parts on the item they sell for $100. Oh, and because they don't like any change and don't have the organizational ability to use anything recent, like another poster says.
> The entire UX is "press button to open car, go to dealership if you need new key"
Ironically proper security in this case would likely improve the user experience as well. The car provides a 64 bit (or larger) secret value and you manually program a standardized fob with it. No need for custom parts that are only available from the dealer.
A terrible "feature", since it means someone can steal your car just by relaying the signal from outside your home at night, or an accomplice walking near you as you're entering the grocery store, etc.
I've become a big believer in leveraging some security features of the physical world, as it seems it's been long enough that everyone's forgetting Therac-25-style problems. (Or, perhaps more accurately, nobody cares because they aren't liable.)
Modern keyfobs actually detect motion and if they are motionless for a while, they stop transmitting the signal to both save battery and prevent such attacks.
For old keyfobs, you can get a battery sleeve with integrated motion sensor which does the same (cuts power when fob is not in motion for a while).
Alternatively, some cars let you disable the feature and just use the keyfob as you would use an older one - then you have to push the button any time you want to unlock the car.
It really depends on the way biometrics are implemented. If you're doing it Apple style, where a dedicated chip validates biometrics and uses encryption and signatures to prove to the OS that the user is who they say they are, they're as good and trustworthy as the software you're running on them (which in the case of macOS for instance requires full trust).
If you're doing the "fingerprints implemented as a webcam" or software based facial recognition from a shitty webcam, you're risking quick and easy bypasses. Still good enough for a computer you leave at home (as long as you don't need to protect yourself against shady law enforcement) but definitely not that secure.
From what I've been able to gather online, nobody but Apple and phone manufacturers seem to care much about actually doing biometrics securely, including the biometrics hardware companies. It's such a shame because it's definitely possible to do better.
Cryptography is actually difficult for the requirements of a key fob.
The principal issue is that requiring two way communication greatly increases hardware cost and lowers range/reliability. You also would prefer to minimize or eliminate any volatile storage on the devices.
Also you very much want to absolutely minimize the data sent, both for battery life and range/reliability reasons.
And whatever volatile storage the devices have, you need to have some way of handling it being reset when it's lost due to a dead battery or a replaced device.
So standard replay resistant protocols like "door sends a random challenge, fob signs/decrypts/encrypts it and sends the result" are excluded due to the two-way requirement.
The next obvious set is along the lines of "device sends an encrypted counter, door enforces that the counter only goes up", which requires nonvolatile storage in both devices, and then gets tripped up when the fob's counter goes back down due to being reset. (Also harder to implement multiple fobs, as they each need unique state.)
Agree about the requirements but disagree that it's difficult.
Two way communication and a few KiB of nonvolatile storage on the fob shouldn't be a deal breaker when an ESP32 dev board runs under $10 (an ESP32 being massive overkill for the described use case).
The device sending an encrypted counter is also trivially easy. There's no reason a modern vehicle can't store hundreds (or thousands, or tens of thousands ...) of { u64 fob_id, u64 fob_key, u64 fob_counter } triplets. Push it up to 128 bits if you're paranoid, it won't have a meaningful impact on resource usage.
Case in point regarding the car storing state, the (broken) rolling window algorithm they use requires that the car track the window and accept presses that are out of sync by a decently wide margin. That's likely more complicated and resource intensive than simply enforcing that the nonce only ever goes up.
The rational conclusion is that the manufacturers are either incompetent or malicious. I firmly conclude the latter given that the fobs they offer that are actually secure introduce vendor lock in and a charge to replace a key.
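As an added illustration of the "counter that only ever goes up" receiver described in the comments above (this is example code written for this thread, not any commenter's or any manufacturer's implementation): a fob emits `fob_id | counter | button | tag`, and the car accepts a frame only if the tag verifies and the counter is strictly above the stored high-water mark but within a resync window. The frame layout, the 64-bit fields, the HMAC-SHA256 tag truncated to 8 bytes and the window of 16 presses are all constructed choices for the demo. Note that, as the thread also says, a strictly increasing counter on its own does not stop the jam-and-hold-back capture, because the withheld frame is still newer than the receiver's state.

```python
"""Rolling-code receiver that rejects replays and counter rollbacks.

Constructed frame: fob_id (u64) | counter (u64) | button (u8) | tag (8 bytes)
tag = HMAC-SHA256(fob_key, fob_id|counter|button) truncated to 64 bits.
"""
import hashlib
import hmac
import os
import struct

BODY_FMT = ">QQB"                      # fob_id, counter, button (constructed layout)
BODY_LEN = struct.calcsize(BODY_FMT)   # 17 bytes
TAG_LEN = 8
FRAME_LEN = BODY_LEN + TAG_LEN         # 25 bytes


def _tag(fob_key: bytes, body: bytes) -> bytes:
    """Authentication tag over the whole body (constructed: truncated HMAC-SHA256)."""
    return hmac.new(fob_key, body, hashlib.sha256).digest()[:TAG_LEN]


class Fob:
    """Transmitter side: a per-fob key and a counter that only ever increments."""

    def __init__(self, fob_id: int, fob_key: bytes, counter: int = 0):
        self.fob_id = fob_id
        self.fob_key = fob_key
        self.counter = counter

    def press(self, button: int) -> bytes:
        self.counter += 1
        body = struct.pack(BODY_FMT, self.fob_id, self.counter, button)
        return body + _tag(self.fob_key, body)


class Receiver:
    """Car side: stores {fob_id: [fob_key, last_counter]} and enforces
    last_counter < counter <= last_counter + window."""

    def __init__(self, window: int = 16):
        self.window = window
        self.fobs: dict[int, list] = {}

    def enroll(self, fob: Fob) -> None:
        # Pairing hands over the key and the current counter. As the thread notes,
        # who is allowed to reach this step is a separate question from the frame format.
        self.fobs[fob.fob_id] = [fob.fob_key, fob.counter]

    def receive(self, frame: bytes) -> tuple[bool, str]:
        if len(frame) != FRAME_LEN:
            return False, "bad length"
        body, tag = frame[:BODY_LEN], frame[BODY_LEN:]
        fob_id, counter, button = struct.unpack(BODY_FMT, body)
        entry = self.fobs.get(fob_id)
        if entry is None:
            return False, "unknown fob"
        fob_key, last = entry
        # Verify the tag (constant-time compare) before acting on any field.
        if not hmac.compare_digest(tag, _tag(fob_key, body)):
            return False, "bad tag"
        if counter <= last:
            # A frame already seen, or an attempt to move the state backwards.
            return False, "replay or rollback"
        if counter - last > self.window:
            # Fob was pressed too often out of range; needs re-sync through pairing.
            return False, "outside resync window"
        entry[1] = counter                 # commit the new high-water mark
        return True, f"button {button}"


def demo() -> list[str]:
    """Run one fob against one receiver and return the receiver's verdicts in order."""
    fob = Fob(fob_id=0x1234, fob_key=os.urandom(16))   # constructed fob
    car = Receiver(window=16)
    car.enroll(fob)
    verdicts = []
    f1 = fob.press(1)                       # counter 1, heard by the car
    verdicts.append(car.receive(f1)[1])     # accepted
    verdicts.append(car.receive(f1)[1])     # exact replay rejected
    for _ in range(5):                      # presses made out of range of the car
        fob.press(2)
    f7 = fob.press(2)                       # counter 7, still inside the window
    verdicts.append(car.receive(f7)[1])     # accepted, state jumps to 7
    verdicts.append(car.receive(f1)[1])     # an older capture can no longer be used
    for _ in range(20):                     # far too many presses out of range
        fob.press(1)
    verdicts.append(car.receive(fob.press(1))[1])   # counter 28: outside window
    tampered = bytearray(fob.press(1))      # counter 29 with a flipped tag bit
    tampered[-1] ^= 0x01
    verdicts.append(car.receive(bytes(tampered))[1])
    return verdicts
```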
What you're describing is basically KeeLoq, which is one of the most common rolling code systems. It sends a 28 bit serial number, a 4 bit button code, a 2 bit code for repeat and low battery, and a 32-bit encrypted part with an incrementing sequence number.
The rx enforces the sequence goes up.
You press button to open. Attacker lets the first sequence go through and the door opens, while the button is still down the attacker jams your second transmission while capturing it themselves.
Now they have a code they can use to open again when you're not around, assuming you don't use it again in the meantime.
If you wonder how vulnerable systems keep getting deployed without it being malicious, you don't need to look any further than the nearest hotshot that thinks everything is "not that difficult" and that everyone else is incompetent.
Security of any kind is just hard. The defender must defend against any possibility while the attacker needs just one vulnerability. How much cost and range and battery life are worth losing when the attacker can just punch through a window with their fist?
You misrepresent my position. The attack you describe isn't the one being discussed here. Unless I've completely misunderstood, the algorithm itself was broken here.
As to the attack you reference. It's active and touchy to pull off. It doesn't particularly concern me but of course would be better if it weren't possible. To that end I'm not clear why there's a double transmission with two distinct and independently usable codes? What am I missing?
I thought the attacker jammed, recorded two user attempts (ie two distinct button clicks, neither being permitted through initially), then rebroadcast the first attempt while retaining the second for later.
> The rx enforces the sequence goes up.
Except that there's apparently a rolling window to support recovering from desync. Which to me sounds more complicated and error prone than a simple nonce that can only ever go up.
Really though the manufacturers ought to (IMO) accept the extra dollar or five on the BoM that it would take to get proper two way communication.
> Cryptography is actually difficult for the requirements of a key fob.
No, it's not.
> The next obvious set is along the lines of "device sends an encrypted counter, door enforces that the counter only goes up"
That's already how rolling codes work. Running a strong crypto algorithm (even Ascon/Speck would be fine here) requires negligible power.
The issue is that this system is still susceptible to jam+replay attack. An attacker can jam the transmitter signal, while recording it at the same time. The user assumes that the button press just didn't register and tries again. The attacker also jams this and records the code. But then the attacker replays the _previous_ code that they stored, keeping the latest code for their future use.
This can _also_ be fixed with a simple capacitor-powered timer circuitry, charged during the keypress. The device can stay completely inert at all other times.
You can ask this question about almost every non-software company. Hell, you can ask this question about most software companies.
The real question is "why are most people and companies incapable of using cryptography properly?"; and the answer is that doing cryptography right is hard, especially if your use case isn't a common one.
To some degree customers love it. It allows you to program your own replacement key without having to go through the manufacturer or an official dealer.
When my favorite quadruped knocked my keys into the trash I had to get my car towed to the dealer for them to program me a new key. On one hand, top notch security as it was impossible to do any other way. On the other hand the total to get this done was something like $500 after everything.
I did this to myself by placing my keys in a pocket of a bag that I've never used before when returning to the airport parking. I found the keys in the bag after paying to have it re-keyed after paying for the tow from the airport to the closest dealer.
This is totally something I'd do. I'm very organized when I travel for work and everything has a place. If I absentmindedly slip something into the wrong part of my bag, it might as well be invisible.
I have a photographic memory for items dropped in a terrible mess, years later "oh that thing is there under this and that"
I also have a problem with thinking of wise places to leave something and then it is gone forever unless I dig through 75% of everything I own. After I find it I am reminded of what my thought process was.
Get a bluetooth tracker (Apple Air Tag, Samsung Smart Tag or the generic Google Find My compatible one for other Android devices), set it up with your phone and attach it to your car keys.
Then anytime you misplace your keys, you can look at a map on your phone and it will show you where to go.
Yeah, big +1 on this tip. I have AirTags on my bags themselves as well as some other things. Don't have them on my key fob, but you may have inspired me to attach one haha.
The map thing when you're nearby and it goes into the sonar-like mode is super cool. Especially combined with the ping noise.
Oh this is brilliant. Why haven't I thought of this?
I travel a lot for work and always take a pic of my parking space number. A few weeks back I forgot to, realized I forgot before I got in the security line and was like.. nah, I won't forget on a short trip.
When I got back later that week I walked the entire floor of the garage, about 25 minutes.
The attacks to rolling code keys are well known but these keys continue to exist. They allow you to pair a key yourself to the car that you buy online. Particularly in the US it's quite common that people buy used cars and then another key online that they pair themselves.
You won't be able to do this for instance with VAG cars that have KESSY. First of all the immobilizer is paired to the key, secondly the only way to pair a new key to it is via the manufacturer or a licensed dealership because you need a blob from their central server. But the consequence is that people feel like they are being fleeced when they need another key, because it can cost you hundreds of dollars to pair one.
In general these types of attacks are much harder in Europe where immobilizers have a legal minimum standard that manufacturers have to meet. On the other hand in the US immobilizers are entirely optional, which has famously led to Kia and Hyundai cars shipping without them and the Kia Boys TikTok phenomenon.
> But the consequence is that people feel like they are being fleeced when they need another key, because it can cost you hundreds of dollars to pair one.
Because they ARE being fleeced. It's an artificial dependency on the vendor on the one hand versus a blatantly insecure approach on the other.
Secure pairing that can be done by the end user isn't rocket science.
It is a bit rocket science because cars stand around. The CAN bus can even be externally accessed if you pop open the right part of the car (a common fault is adaptive headlights). It is not as trivial as people make it out to be because cars violate one of the most important principles of having good security: no physical access.
That has nothing to do with secure pairing. It's an entirely orthogonal concern. Any sensitive system on a vehicle is going to be subject to the same thing.
I don't think anyone will be surprised if the security is swiss cheese once you pop the hood open or bust a headlight out. Keep in mind that a brick to the window and tearing up the center console will get you physical access to the head unit on most vehicles.
1. Initiate pairing via the entertainment system interface.
2. Use rolling codes. Don't allow rewinding the codes.
3. Add a tiny tiny bit of non-volatile memory in the keys so that batteries can be changed without breaking the key. This is only necessary if the car can't be entered using the physical key, otherwise the user can just open the car with the physical key, turn on the ignition and re-pair the key.
I could make a secure system to do this and I'm no crypto genius. (Note this would still be vulnerable to rolljam but that's not a very practical attack, and defeating that is a bit difficult.)
To support car hire/share places if they want to prevent users pairing new keys you could allow setting a password on the pairing interface.
That's more or less already how the rolling code based systems work. The problem of course is that if you have access to one of those keys (or use rolljam to get one or more codes) you have enough to get another key added.
That isn't the problem, at least not the major one that led to this discussion. It's that the algorithm used is broken. It's example number 9001 of why you should never roll your own crypto for a commercial application. (Amusingly example 9002, TETRA radios, was also on the HN frontpage around the same time.)
First of all they did not roll their own crypto, it's just not the most modern crypto any more. Secondly while this particular permutation of the issue is related to bad crypto, it's cascading a completely different issue which is that it's just fundamentally possible to pair a key with physical access which is easy to get.
> KeeLoq is a proprietary hardware-dedicated block cipher that uses a non-linear feedback shift register (NLFSR).
Pretty much any proprietary encryption algorithm is going to qualify as "rolling your own".
"Not the most modern" is a gross understatement.
I can forgive the original authors since it dates to the 1980s and AES wasn't standardized until 2001. (Only just barely though given that DES dates to 1977.) I can't forgive vehicle manufacturers that are _still_ using it (or things significantly like it) 25 years later.
I hope that products manufactured post 2005 use strong publicly available cryptography. After 2010 I fully expect it. After 2015 I view any failure in that regard as gross negligence that ought to be legally actionable.
> it's just fundamentally possible to pair a key with physical access which is easy to get.
> Pretty much any proprietary encryption algorithm is going to qualify as "rolling your own".
It came out of a university and was acquired.
> I hope that products manufactured post 2005 use strong publicly available cryptography.
A lot of the challenges are related to key pairing and relaying of wireless information in combating with jamming. It’s a tricky thing to secure given the circumstances.
> I don't follow?
Cars stand around 99% of the time and are easy to get into. Pairing protocols assume that physical access is restricted / not possible. That's why it's so much harder to secure car key pairing. What would make it more secure is delegating the security to a remote service which is secured. E.g. what Tesla does with their keys.
That changes nothing. The idea behind not rolling your own isn't just deliberate expert design but also open review by other unrelated experts.
> It’s a tricky thing to secure given the circumstances.
You are hand waving and you are wrong. If you are going to make claims then be specific and make solid points. The various algorithmic solutions are simple and common knowledge these days. I went into more detail in adjacent comments.
By your own logic the physical entry key isn't secure either. After all the car is just sitting around - anyone could jimmy the lock. Similarly all it takes is a decent photograph or two with a telephoto lens to reproduce your typical physical key that will get you in the door.
But all of that is entirely off topic. The broken and outdated wireless algorithm has nothing to do with the criteria used by the vehicle to decide whether or not someone is authorized to enroll or revoke a key. Tie that to possession of the physical key and problem solved. If you can't drive off with the vehicle then you can't pair a new fob either.
> The various algorithmic solutions are simple and common knowledge these days.
Honestly I'm not really sure what you are trying to get to. If you think this is a solved problem, it's really not. [1]
> The broken and outdated wireless algorithm has nothing to do with the criteria used by the vehicle to decide whether or not someone is authorized to enroll or revoke a key. Tie that to possession of the physical key and problem solved.
It has something to do with it in the sense that key pairing that just requires physical presence through the key is susceptible to rolljam type attacks. Likewise the NFC attacks against Tesla also involved enrolling a new key on the car via a relay attack to a present NFC key. You're saying this is so easily solvable, yet time and time again it's shown that this is just a really hard problem to solve.
The fundamental flaws with this approach to keys have been known since before 2015, but got a lot of international recognition when people found cheap ways to emulate keys through cheap software defined radios around that time.
I’m talking about the earliest cases. The earliest references depend on the particular standard of crypto. KeeLoq is a very famous rolling code standard where attacks go back to 2007 and earlier.
RollJam is known since 2014 [1]. It was popularized later through a custom device [2].
They're not. There is AFAIK an ssh key infrastructure for OnStar that's modern and well-run, for example.
Things like key fobs are most likely very incremental changes on "this is the way we've always done it". These organizations are behemoths and steer with all of the inertia of a containership.
Like when just putting in a usb-A anything into the steering column and letting the car drive away? Nah man, no one will figure it out. We're good. Our backdoors are the best
There's no ignition in BMWs anymore. Even if you don't go for the full keyless package, the start is still keyless. You just pay extra to have the doors be keyless too.
Cool, I was planning to get a spare car key, not anymore!
Also, glad I have one before they would ban it. It’s a neat tool that I have everything I want there, instead of having 4 fobs, one garage remote, plenty of IR remotes, it’s AIO. Plus I don’t have to pay fees to replace my lost fobs
Am I the only one that just hates push to start in every way? Sure, I don't need to have the "insert key and crank" to be real, but physical key seems so superior.
Feels like getting rid of the light switches in your house in favor of "smart home" stuff.
I liked my old 'rolla that I could start with any key at all.. or even a paddlepop stick.
Every time I start thinking about these little modern inconveniences, I re-arrive at the idea that this is yet another example of the difference between a product and a tool.
A product ideally works the same for everyone, with as little friction to the immediate function as possible. All other functions are hidden or deleted. Trying to use a product as a tool is slow and frustrating, because the experience never gets better than the first time you use it.
A tool on the other hand needs learning. Sometimes that learning curve is shallow and long, like a hammer, or steep and long like CAD.
Smart home stuff can be pretty great if you treat it like a tool, and only use it where it is the right tool for the job (so, not light switches).
I mean, keep using your key if you like it. I for one love never having to touch my car keys. I touch my door handle the car unlocks, I touch the start button the car starts.
Also, smart people wire their smart home so that the light switches still work. If a smart home controller or some other part of the system fails, people still want to be able to control the lights manually.
I'm on the other end of the spectrum apparently, I'm annoyed that I even have to carry a key/fob. I'd rather have a fingerprint sensor or something, with the key as a backup (i.e. when I let someone borrow it).
AirTags require people having iphones. Tile requires people with the app. I've lost things with both these items on them and never saw a ping from them ever again.
Well, yeah, there are limitations to everything. They're not going to work on stolen devices when they're overtly advertised in cutesy keyfob holders that say "throw me away first". Use your brain because you have to disguise them on some objects.
AirTags and Tile Pro work fine wherever there are other people. They're not going to work in the Atacama.
They worked fine every time I used them. I recently sent a laptop to France and included one of each. Sometimes the Tile pinged and sometimes the AirTag pinged, but they worked really well across continents.
I also have about 4 of each in a vehicle left unattended for a while in a parking garage that doesn't have a great deal of people around it. And all of them ping at least once a day. The Tile Pros have ~100m LoS range which are quite a bit more than previous ones from years ago.
I dropped one on a keychain on a sidewalk. It never pinged. That was an AirTag.
The other was the time I left my car keys on top of my car. Someone took the keys and put them in a random nearby business’s lost and found. The tile never pinged over the course of days and I had to find it the old fashioned way.
These things never worked for me, but it’s good to know that mail delivery people use these apps/devices that will let you track your packages in realtime.
I didn't realize I dropped AirPod Pros in a case with an AirTag. I watched them bounce around inside an unoccupied Google building like it was picked up by Google's security people. Then, I watched it commute to a residential area of a smaller town. The defunded local police wouldn't even possibly look into it until 48 hours later and only if they wanted to, and the smaller town police wouldn't do anything. It pinged for a day or two afterwards like someone had thrown it into a/their neighbor's trash can.
I think the person you are replying to was implying that they can get a new car if their current one gets stolen. (And I suppose if this continues, like a realtor, we will all just keep getting new cars every few years, ha ha.)
Does anybody know of a simple non-destructive anti-theft mode like a fuse-switch one can easily install himself on basically any modern car? I need something I can remove and the manufacturer/dealership cannot then see I used it (otherwise they may try to whine about me having broken the car manufacturer warranty).
One of my older (collectible) cars has various anti-theft helpers, including trackers. I also remove its steering wheel (easy, no airbag). Then I disconnect the battery. But then my favorite on that car is a kill-switch I had installed on the fuel pump: it's hidden and you flip the switch, car stops instantly. With that one, if thieves want to steal it they either have to come with a steering wheel, find the trackers, find the switch, hook up the battery or come with a tow truck (they'd still need to get rid of the trackers though).
But yup I'd like to know if there's a simple fuse-switch DIY that's non-destructive: basically something I can remove and put back the regular fuse and the car dealership would be none the wiser that I used one.
What practical use does this have? From my reading if I capture an unlock signal, the car will not unlock for the owner, so they’ll press their remote a few times.
If I capture a lock signal, presumably I can instead prevent it from locking. The only real world malicious action I can see being viable is to block the car lock, meaning the car is still in an unlocked state, open the boot (which I'm guessing can be done from the car dash anyway) then lock it afterwards?
> Whether it was a fob start or push start isn't specified.
... It's literally in the title on the first slide.
It is only an attack on keyless entry. Keyless start systems all use a different short-range radio system.
An attack on keyless entry might let someone trigger a remote starter if supported, but this doesn't enable anyone to drive the vehicle, because you will need to authenticate with the keyless start system after entering the vehicle before you can put it in drive (and to keep the engine running for longer than the predetermined timeout).
Tons of the rolling key systems on the market are based on KeeLoq, and KeeLoq is a fairly well designed system with a big linchpin.
It has something called a 'manufacturer key', which needs to be available to any device that allows field pairing of remotes. If that manufacturer key is known, it only takes two samples from an authenticator to determine the sequence key.
Absent the manufacturer key, jamming+replay attacks work, but brute forcing a sequence key is generally prohibitively costly.
However, since any receiver that supports field programming needs the magic "manufacturer key", one could purchase such a unit, and may be able to extract said key.
They could've designed a system that doesn't require a fixed secret master key, but instead generates a unique random key for each receiver and requires a physical connection between the fob and the receiver (located inside the locked part of the car) to pair them. Of course such a generic system would be against manufacturers' interests in controlling the repair and aftermarket industry.
You don't even need a physical connection.
As long as you have two-way wireless communication (which any keyless entry/start system does), then you can simply do a Diffie-Hellman key exchange during the pairing process.
Diffie-Hellman is designed for exactly this use case, allowing two parties to derive a shared secret key over a public channel without exposing it.
That allows the conversation to proceed in secret from listeners, but it provides no authentication to ensure that only legitimate parties are involved. The reason for physical contact is to "prove" that you are legitimately in control of the vehicle, not a random passerby.
Physical possession isn't enough to prove someone is legitimately in control of the vehicle, though. If a physical connection under the dash will hand out the key, you can bust the window, and get the key.
Part of the utility of the baked-in manufacturer key is that it is unable to be extracted by thieves.
Clearly it isn't "unable to be extracted" as the other comments here have remarked.
Having to break into the vehicle already raises the bar significantly and makes the security equivalent to a physical lock.
It works well enough to just require some action to be taken on both ends. Push a button on the opener (or an already-paired remote), then pair the remote while the opener is in the pairing state. It’s possible for a passerby to intercept, but they’d have to have very good timing.
Pressing a button on the opener is physical contact. That's the entire idea that the OP was trying to relay, that you need some physical way to prove that you're eligible to pair. Not that the key itself had to be hard-wired for the process to proceed.
> requires a physical connection between the fob and the receiver (located inside the locked part of the car) to
That sounds pretty clear to me that the connection isn't the human holding both buttons here.
I'm not sure you should be that concerned about man-in-the-middle attacks.
If someone does successfully MITM while walking by the key is going to stop working as soon as they are out of range, and you will notice.
I'm just wanting a system that could be implemented with the hardware that's already there. I guess you could use the RFID chip that most keyless start cars already have as a secondary channel. Still not 100% secure, but the MITM device would need to be physically in your car to intercept the pairing request, and at that point you have bigger problems.
Sorry, I didn't mean to make it sound like the problem was MITM. The issue is initiating a pairing request; you can't allow just any key to request it, as that allows bad actors to pair a key with your car.
While I worry that it's not really secure enough, the OP was suggesting that physical contact is a way to "prove" that you are indeed eligible to pair, by excluding everyone who lacks physical contact.
Modern cars already have a complex sequence to enter pairing mode.
You need to press buttons inside the car, buttons on the currently paired key (to prove possession of that) and buttons on the key you want to pair with.
So a passerby would have to press a button on their fob at just the right moment. Then when you go to test your new key fob, it wouldn't work, so you would pair again until it was your key that was paired.
Yeah, it's the same for garage door openers today. I took the OP simply to be saying that physical access of some type needs to be available (i.e. to stop anyone initiating a pairing). Some cars require the key to be physically inserted into the ignition switch, which requires the key to be correctly cut to match the car, before pairing; which is a nice extra hurdle to stop thieves quickly pairing after they break into your car.
Whatever the case, making it easier to pair shouldn't be the primary focus, no need to help a thief do it quickly. It would just be nice to have a way to do it that didn't ultimately require the manufacturer to get involved; but that does remove a big hurdle for thieves, too.
Which can be easily bypassed by accessing any OBD2 connected port, which you can conveniently find in the headlight housing of most automobiles.
That's CANBUS, not OBD2, and it only works on some cars because non-moronic manufacturers prevent it. Try doing it on a European car and you will fail.
I promise there is not an OBD2 port inside the headlights of cars.
There is CANBUS to the headlights, but that is not an OBD2 port. And more securely designed cars can put that in a less secure zone, so it can only send and receive commands for exterior things like lights, and not be able to have commands for keys injected, because that bus will not accept those commands.
You can press a button in the car, you don't need a cable.
In theory, but since this attack has to happen at the time of pairing and leaves evidence--the key you are trying to pair doesn't work afterward--I don't think this is a realistic concern.
>In theory, but since this attack has to happen at the time of pairing and leaves evidence--the key you are trying to pair doesn't work afterward-
You're assuming the goal is to discreetly enter the vehicle and leave no trace. If we consider the Kia challenge [https://en.wikipedia.org/wiki/Kia_Challenge] then the goal is to take possession of the vehicle in an immediate and opportunistic fashion. If the possession fails and the key FOB now stops working, whatever, not the thief's concern. If the possession works, now there's a sweet car to abuse. Or, in the case of a crime syndicate, a sweet car to take to the chop shop.
That's not to mention the simple relay attack. If radio waves of a home (say near the front door, where the keys are stored) are relayed to another location (the car, 30 feet away), then the exact crypto and protocol is irrelevant, the car "sees" the real life actual FOB as nearby. That's another attack used in the wild.
I think you're overcomplicating it. The primary purpose of field programming is manufacturing logistics. Produce a billion identical devices with identical firmware, and then pair the key once to the car.
So it just needs to block rewrites, and the risk of any security barrier breach is negligible since it's done in factory.
> The primary purpose of field programming is manufacturing logistics
Or if I lose my car key
I think this is technically correct but a bit confusing, since "pairing" processes usually require user actions at both ends. A keyhole that reprograms to any key from the outside makes little sense.
Given how bad the "single master key" idea is, even a simple update like "transmit secret key in the open, but with reduced power, during pairing mode" would be a great improvement.
It'd instantly mean there is 0% chance of someone figuring out the key based on day-to-day operation.
A PAKE scheme with a passcode communicated out of band during pairing feels more appropriate to make sure no one is snooping.
A one-time out of band authentication (usually some form of trusted physical interaction) is key if you don’t want to trust intermediaries.
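The thread above sketches two ingredients: a Diffie-Hellman exchange during pairing (which by itself has no authentication, as the reply points out) and a passcode communicated out of band so that only a party with physical access to the car can complete the pairing. The example below, added here and not part of any comment in this thread, puts them together in the simplest form: a DH exchange followed by a key-confirmation step keyed with both the derived key and the out-of-band PIN. It is a simplified authenticated DH, not a full PAKE: an eavesdropper learns nothing it can test PIN guesses against, and an active attacker substituting its own public values gets one online guess per pairing session. The group parameters (p = 2^127 - 1, g = 3), the PIN, and the `pair`/`substitute_public_values` names are constructed for illustration; a deployment would use a standardized group such as an RFC 3526 MODP group or X25519.

```python
import hashlib
import hmac
import secrets

# Toy group parameters, constructed for this example only: p = 2**127 - 1 is a
# Mersenne prime and g = 3 is used as the generator. Do not reuse in production.
P = (1 << 127) - 1
G = 3


def dh_keypair():
    """Fresh ephemeral DH private/public pair for one pairing session."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def derive_key(priv, peer_pub):
    """Shared secret g^(ab) hashed down to a 32-byte session key."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def confirm_tag(key, pin, transcript, role):
    """Key-confirmation tag that binds the DH key, the out-of-band PIN, the
    public values this party saw, and the sender's role (car or fob)."""
    mac_key = hashlib.sha256(key + pin.encode()).digest()
    return hmac.new(mac_key, role + transcript, hashlib.sha256).digest()


def _transcript(car_pub, fob_pub):
    return car_pub.to_bytes(16, "big") + fob_pub.to_bytes(16, "big")


def pair(pin_on_dash, pin_entered_on_fob, tamper=None):
    """Run one pairing session between a car and a fob.

    pin_on_dash is the code the car shows to whoever is inside it; the fob side
    enters pin_entered_on_fob. `tamper`, if given, rewrites the public values in
    transit and models an active attacker on the radio link.
    Returns (success, session_key_or_None).
    """
    car_priv, car_pub = dh_keypair()
    fob_priv, fob_pub = dh_keypair()

    # What each side receives over the air; identical to what was sent unless tampered.
    car_pub_seen_by_fob, fob_pub_seen_by_car = (
        tamper(car_pub, fob_pub) if tamper else (car_pub, fob_pub)
    )

    k_car = derive_key(car_priv, fob_pub_seen_by_car)
    k_fob = derive_key(fob_priv, car_pub_seen_by_fob)
    tr_car = _transcript(car_pub, fob_pub_seen_by_car)
    tr_fob = _transcript(car_pub_seen_by_fob, fob_pub)

    # Each side proves it holds the same key *and* the same PIN.
    tag_from_fob = confirm_tag(k_fob, pin_entered_on_fob, tr_fob, b"fob")
    car_accepts = hmac.compare_digest(
        tag_from_fob, confirm_tag(k_car, pin_on_dash, tr_car, b"fob")
    )
    tag_from_car = confirm_tag(k_car, pin_on_dash, tr_car, b"car")
    fob_accepts = hmac.compare_digest(
        tag_from_car, confirm_tag(k_fob, pin_entered_on_fob, tr_fob, b"car")
    )

    ok = car_accepts and fob_accepts
    return ok, (k_car if ok else None)


def substitute_public_values(car_pub, fob_pub):
    """Active attacker model (constructed for the example): both sides are handed
    the attacker's public value instead of each other's, so the attacker would
    share a different DH key with each of them."""
    _, attacker_pub = dh_keypair()
    return attacker_pub, attacker_pub


if __name__ == "__main__":
    print("honest pairing:", pair("4821", "4821")[0])
    print("wrong PIN:", pair("4821", "0000")[0])
    print("public values substituted:", pair("4821", "4821", tamper=substitute_public_values)[0])
```

With matching PINs and an untouched channel both confirmations verify and the car stores the session key; a wrong PIN or a substituted public value fails the confirmation, so no key is stored and the user simply sees that the new fob does not work, which is the failure mode the comments above describe.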
>If that manufacturer key is known, it only takes two samples from an authenticator to determine the sequence key.
Not if a seed of appropriate length is used. Though I don't know how common that is, back in 2008 the authors noted that "We would like to mention that none of the real-world KeeLoq systems we analyzed used any seed" (https://www.iacr.org/archive/crypto2008/51570204/51570204.pd..., section 4.3)
Correct. While the original KeeLoq cipher is most likely no longer secure, Microchip moved on to AES.
KeeLoq is also used for garage door openers.
Some KeeLoq receivers have a "learning mode" where it adds the next KeeLoq transmitter it hears provided it uses the same manufacturer key.
Learn mode is activated either with a button often on the PCB or with a "master" transmitter.
https://en.wikipedia.org/wiki/KeeLoq
This is why keyless "start button" functions on cars are a bad idea.
The old approach of keyfob to unlock the car and a real key for the ignition is safer.
Having multiple levels of security is good.
However, having worked in the car security industry many years ago, I discovered that car manufacturers actually like it when their customers' cars are stolen - insurance payouts often result in another sale.
As far as I know no vehicles use this kind of rolling code algorithm for push button start, only key fob functions. Certainly not in Europe (due to immobilizer regulations) but I don’t believe anywhere else either.
Generally, long range key fob button functions and the short range start release functions are separated, both intentionally for security reasons and due to the different problem space occupied by each.
It’s also worth noting that European makes in general tend to have much better cryptographic key security. My understanding is that this is due to a combination of regulation, a relationship between insurance and automakers which requires some security standard, and a high rate of theft leading to an adversarial environment.
Can you expand on the "immobilizer regulations"? I wasn't aware any of this was regulated.
UN/ECE 116
From a quick skim through the text, it seems to define what an immobiliser is, how it should work, and how it can be advertised on a car.
I don't see anything in there about them being mandatory across the EU. I know some member states passed laws mandating them before that document was published. Perhaps I got the wrong document.
Also take a look at 74/61/EEC. Some form of “immobilizer” has been required in Europe since 1998, and between actual ECE/UN directives and insurance partnerships, the standard increases every few years.
> Generally, long range key fob button functions and the short range start release functions are separated, both intentionally for security reasons and due to the different problem space occupied by each.
I don't think this is true, for instance how does the key fob trigger a start sequence for vehicles equipped with remote start? They must be connected to the same CANBUS, so the key fob can interface with the start systems. This is also how a lot of vehicles are stolen, because of abuse/misuse of CANBUS (i.e. headlights being addressable in CANBUS)
Yes, remote start breaks the model… which is why drive off release and remote start are separate systems. On modern European cars with automatic transmissions, the TCU will not release Park until the immobilizer (short range, challenge response) is released, and generally the ECU also limits torque request and vehicle speed.
> This is also how a lot of vehicles are stolen, because of abuse/misuse of CANBUS
On vehicles with poor cryptography architecture (Honda!), yes. On most other vehicles, no, because the immobilizer messages are cryptographically authenticated, usually by using an AES MAC where the key must encrypt random bytes transmitted by the immobilizer master using a shared AES key, and all participating immobilizer modules use a similar system to verify that every module shares the same secret material. Now of course if this secret material can be extracted the system breaks (see XHorse, Abrites, etc.) but this usually requires invasive and time consuming attacks far beyond the headlight thing (for example, removing and physically opening a control unit to use an exploit to dump its key material).
https://www.usenix.org/system/files/conference/usenixsecurit...
Hitag2, while broken, is worlds better than rolling code. All modern European cars that I’m aware of now use AES.
Right but the comparison was between Euro and American brands not between Hitag and rolling codes. In that regard the Euro brands are no better.
Pretty short-sighted, given how much we've seen insurance rates climb for specific makes. People know you'll be paying through the nose for certain Hyundai models. That kind of brand damage can't be cheap.
Sure, but in my experience, people never attribute high insurance costs to the underlying risks being high, rather they blame that on the insurance companies and then vote for people who promise to “do something about it“.
I'm sure there is brand damage from people hearing that a particular car is frequently stolen, because having your car stolen is a pain. I am skeptical the analysis reaches deeper than this first level though.
I don't think high insurance costs would result in brand damage as such. But it absolutely would result in reduced sales and/or reduced resale value, because sufficiently many people comparing which car to buy will look at the insurance cost for each particular car they are comparing as part of that decision.
I agree that if sufficiently many people consider insurance costs in the buying decision, then a high theft rate will reduce sales. I guess I am just wondering whether or not most people actually do that. It’s been a while since I bought a car, but my impression was that many (most?) people just buy based on the biweekly payment, and everything else from depreciation to gas to insurance is an afterthought.
Note those Hyundais relied on old fashioned cut keys and not electronic transponders, and the solution was electronic transponders because the old style stuff was so trivially bypassed.
Yeah something about immobilizer on push starts being better than the key since they can just jam a USB/screwdriver in there and steal the car, Kia boys
I know this might be splitting hairs, but...
>The old approach of keyfob to unlock the car and a real key for the ignition is safer.
"Safe" feels like the wrong word to use here. Safety is not the same as security.
One could also argue that criminals being able to steal parked cars is safer overall for society as they then don't feel the need to carjack you while you are actually in the vehicle.
If you actually want to keep your car secure (meaning criminals won't break into it or steal it in this context) just drive an old beater and do not leave anything valuable in the car or trunk. I am driving a car that is nearly as old as I am and it's fighting a losing battle against rust and I have nothing more valuable than trash inside the car.
> One could also argue that criminals being able to steal parked cars is safer over all for society as they then don't feel the need to car jack you while you are actually in the vehicle.
Here in the UK vehicle theft reached an all time low in 2014. It's doubled since then. If there was an increase in carjacking it must have been minuscule by comparison. It's not really a crime that happens here.
I had an old beater van that got stolen. It turned out that model was known to be easy to steal. I suspect most car theft is done because it’s easy and fairly low risk. Walk up to a car in the night, fiddle around for a few minutes and drive off.
I still drive a car with a key. It’s completely fine. Who actually asked for keyless entry?
> Who actually asked for keyless entry?
Me. I have problems with short-term memory and I kept forgetting my keys in the ignition.
This isn’t due to laziness or lack of trying. It’s a hardware problem that makes developing or following habits in certain situations nearly impossible. It’s like asking a blind man to organize things by color.
Now that I don’t have to take my keys out of my pocket, I’ve never left them in my car.
> Who actually asked for keyless entry?
Probably the vast majority of consumers?
There is no reason why keyless entry cannot be more secure than a physical key, other than incompetence.
The cars stolen in New Zealand are usually, as you say, cars that are known to be easy to enter and drive away. Even then, they break a window. But I have also heard of break-ins at night targeting certain high-end cars and going as far as gaining entry to a garage.
> There is no reason why keyless entry cannot be more secure than a physical key, other than incompetence.
Isn't the problem that it's designed to work from a distance, and that by boosting the signal the criminals can just increase the distance so that the key inside your house reaches the car? It seems inherently less secure than the old system where the physical key has to be practically touching the ignition to disable the immobiliser.
More modern implementations of this use a time of flight check, so unless you have the ability to violate the laws of physics, boosting the signal so that a far away key transmits its signal to a nearby car is insufficient to unlock/start the car.
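Two comments in this thread describe the building blocks of the short-range start release: a challenge-response exchange where the fob proves it holds the vehicle's secret by computing a MAC over random bytes sent by the immobilizer master (the AES MAC described upthread), and, on newer systems, a time-of-flight check that rejects a correct answer which arrives too late to have come from a fob that is physically nearby. The following is an added example, not code from any comment or any vehicle manufacturer, showing both checks on one toy immobilizer. HMAC-SHA256 from the Python standard library stands in for the AES-based MAC because the standard library has no AES; the `Fob`/`Immobilizer` names, the 200 ns round-trip bound, and the fake clock are constructed for the example so that it runs deterministically offline.

```python
import hashlib
import hmac
import secrets

# Constructed per-vehicle secret shared by the immobilizer master and its paired fob.
VEHICLE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff")

# Constructed bound: a UWB ranging exchange with a fob inside or next to the car
# completes in well under this; a relayed answer from far away cannot.
MAX_ROUNDTRIP_NS = 200


class FakeClock:
    """Deterministic stand-in for time.monotonic_ns() so scenarios are repeatable."""
    def __init__(self):
        self.now_ns = 0

    def __call__(self):
        return self.now_ns

    def advance(self, ns):
        self.now_ns += ns


def mac(key, challenge):
    # Stand-in for the AES-based MAC described in the thread.
    return hmac.new(key, challenge, hashlib.sha256).digest()[:16]


class Fob:
    def __init__(self, key):
        self._key = key

    def respond(self, challenge):
        return mac(self._key, challenge)


class Immobilizer:
    def __init__(self, key, clock, max_rtt_ns=MAX_ROUNDTRIP_NS):
        self._key = key
        self._clock = clock
        self._max_rtt_ns = max_rtt_ns
        self._pending = None  # (challenge, time_sent)

    def issue_challenge(self):
        """Fresh random challenge; a response is only ever checked against the
        most recent one, so a captured answer is useless for later sessions."""
        challenge = secrets.token_bytes(16)
        self._pending = (challenge, self._clock())
        return challenge

    def verify(self, response):
        """Release the drive-off lock only if the MAC matches the outstanding
        challenge AND the answer arrived inside the time-of-flight bound."""
        if self._pending is None:
            return False
        challenge, sent_at = self._pending
        self._pending = None  # single use
        rtt_ns = self._clock() - sent_at
        mac_ok = hmac.compare_digest(mac(self._key, challenge), response)
        return mac_ok and rtt_ns <= self._max_rtt_ns


def run_scenarios():
    """Exercise the checks the two comments describe. Returns {name: released}."""
    clock = FakeClock()
    car = Immobilizer(VEHICLE_KEY, clock)
    genuine = Fob(VEHICLE_KEY)
    wrong_key = Fob(secrets.token_bytes(32))
    results = {}

    # 1. Paired fob, nearby: MAC correct and answer within the bound.
    chal = car.issue_challenge()
    clock.advance(120)
    results["genuine_nearby"] = car.verify(genuine.respond(chal))

    # 2. A fob that does not hold the vehicle key: MAC fails.
    chal = car.issue_challenge()
    clock.advance(120)
    results["wrong_key"] = car.verify(wrong_key.respond(chal))

    # 3. A recorded answer from an earlier session: challenge is different now.
    old_chal = car.issue_challenge()
    clock.advance(120)
    recorded = genuine.respond(old_chal)
    car.verify(recorded)  # consume the session
    new_chal = car.issue_challenge()
    clock.advance(120)
    results["replayed_old_answer"] = car.verify(recorded)
    assert new_chal != old_chal

    # 4. Genuine fob, but the exchange took a long detour: correct MAC, too slow.
    chal = car.issue_challenge()
    clock.advance(5_000)
    results["genuine_but_too_slow"] = car.verify(genuine.respond(chal))
    return results


if __name__ == "__main__":
    for name, released in run_scenarios().items():
        print(f"{name:24s} -> {'release' if released else 'stay locked'}")
```

Scenario 4 is the point the parent comment makes: boosting or relaying the signal can carry a correct answer to the car, but it cannot make that answer arrive sooner than light-speed propagation over the real distance allows, so a tight round-trip bound rejects it even though the cryptography checks out.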
Are there many car keys actually using time of flight in the fob? Most of the cars I've owned use a much simpler approach - the key sleeps (stops broadcasting) unless moved. Drives me nuts with some fobs which have to be vigorously shaken to start broadcasting again and open my car etc. If the key isn't broadcasting, it can't be MITM'd. It's been a while but I seem to recall time of flight being patent encumbered vs sleeping the key.
This obviously isn't 100 percent foolproof but likely works well enough for preventing many common MITM scenarios such as stealing from a car park or driveway most of the time etc.
No idea on actual implementation, but the UWB keys these days all seem to be capable of it. Plenty of manufacturers advertise the capability, e.g., Bosch.
You can boost signal only so much. Apple solved this to be less than a meter or something like that.
With Tesla you can disable keyless entry and use a key card if you are so paranoid. But stealing a connected car doesn't make much sense to me.
> But stealing a connected car doesn't make much sense to me.
How so? Even if you know the location you need someone with jurisdiction to go get it. You disable vehicle, then it gets destroyed.
EVs are entirely different designs from ICE vehicles, and Tesla in particular is moving beyond the flawed CANBUS to something more robust and secure.
> I have also heard of break-ins at night targeting certain high-end cars and going as far as gaining entry to a garage
My next door neighbour had someone enter their home while they slept, take the key and drive off in their car, because it was "stolen to order" most likely.
I couldn't give a shit if someone breaks in to my garage, or frankly if the car is stolen, but I don't want them coming into my house where my family is asleep for the keys.
What happens if the keys weren't downstairs by the front door, because I left them on the bedside table or something?
I shudder at the thought.
I'm not sure what you are saying here. Are you saying cars should be easier to steal so that no one ever breaks into your house to access the keys to your car?
Of course not, that's ridiculous. I simply don't drive a car anyone would want to steal.
Alarm and a gun in the home, problem solved.
>> Who actually asked for keyless entry?
Almost everyone?
It's one of the best features I have in a car, the most convenient one.
It's a feature we like now that we have it, but not one we asked for.
Hi! It me. I had a car with keyless entry years ago. It was great. I got another car, more recently, that had a physical key. I've hated having to use the physical key. I personally am asking for keyless entry. Sorry!
Also: Hyundai/Kia cars have physical keys and are known to be trivially hot-wired. Given the "kia boyz" I'd have a hard time moving to physical keys again. Again, sorry!
Time to get a Flipper Zero. Realistically there is no reason some Android maker couldn't roll a phone out with keyless entry support (with or without OEM blessing heh)
If I can unlock my car with my Android's NFC and drive - is it a keyless entry?
Is the mentioned vulnerability affecting older/cheaper cars? I don't need to press any buttons on my key fob to enter the car and turn on the engine.
If you need to pull out a phone - it's not really keyless
Flipper Zero is just too thicc.
I LOVED my Chevy Volt!! Walk up to the car, door unlocks and I climb in. When leaving the car, shut the door, walk away, doors lock.
I didn't ask for keyless entry, but I LOVE KEYLESS ENTRY!
Old beaters are exactly the things that get stolen. Their security can often be beaten with a butter knife or coat hanger. That's more about minimizing the losses, for which it's a useful approach. Running costs tend to be lower as there's little purchase price and no incentive to do expensive repairs instead of dumping a broken one for another running beater.
You should look up what strikers are and maybe check the statistics for most stolen cars.
If someone wants to steal the car they will steal it.
Stealing a car is not the same as stealing a candy. In Europe all parts are marked so it takes significant effort to sell or modify such cars. It's not like people steal them and then sell it at yard sales.
As for the "beaters": shortly after the Russian invasion of Ukraine plenty of cars were stolen in Poland. Not the expensive kind but usually 10-30 year old cars with big and reliable engines (V6, V8). I know 6 people that had Jeep Grand Cherokees stolen (different generations).
My uncle wanted to renovate an Isuzu Rodeo with a completely rusty frame but a V6 engine worth maybe 300€, and it was stolen too.
And it happened ~1 month after it started.
> In Europe all parts are marked so it takes significant effort to sell or modify such cars. It's not like people steal them and then sell it at yard sales.
This is the same in the US, at least for the expensive parts. They won’t part it out or even sell it in your country, it gets shipped out to another country where your laws don’t apply.
People stealing cars to sell or chop them up for profit is less of a problem than people stealing cars so they can commit violent crimes with them.
Based on what data?
Based on the "data" of human lives being worth more than cars. WTF!
I'm probably completely missing the (presumably relatively common) scenarios you have in mind where stolen cars are used for violent crimes. (I'm assuming reckless joyriding isn't what you're referring to as "violent crime"; maybe that's my issue)
If you want to go commit a violent crime, and have motorized transport, and not be caught, then it is helpful to have a vehicle that is not tied to you.
Happens in places like New Orleans. Some gang members steal a car, go shoot up a neighborhood, and ditch the car.
> I'm assuming reckless joyriding isn't what you're referring to as "violent crime"
It is, and worse. There have been numerous cases of scumbag teenager stealing cars and then crashing them into people, mostly by accident but often enough on purpose. They also use the cars for gangbanging shit since they know the car can't be traced back to them.
A lot of this stuff wouldn't be happening if cars weren't so easy to steal. There is a casual accessibility to stealing certain cars which makes it an easier crime to commit than carjacking (parked cars aren't witnesses, parked cars won't fight back or pull a gun of their own, parked cars won't try to run you over, etc.) Once the car is stolen, other impromptu violence seems and becomes easier.
Then why are you worried about cars? Worry about murders.
That's like asking why people are concerned about easily available guns. Because they facilitate murders! Seriously, stop being deliberately obtuse.
Shouldn't we be more worried about nuclear weapons than guns? It's human lives after all.
Again with the deliberately obtuse routine.
What's wrong with that? If the rate that something happens doesn't matter, then we should ignore everything except for the most severe problem.
By "less of a problem" they don't mean "doesn't happen as much," they mean "doesn't matter as much."
How much does one happen vs the other?
I don't have an answer to that, I was just trying to clarify what read to me as a miscommunication.
Where I live, the ability of the "Kia Boys" to easily steal cars really boosts their effectiveness at robbing people at gunpoint. Sprees of 20 people being robbed by the same group. It's not poor kids who lack school transportation options doing their best to get by.
Strong disagree. Many car thefts are by POS teenagers who do it because it's easy and they can get away with it. They then proceed to drive those cars recklessly, endangering the lives of other people, or worse, use the sense of anonymity and power provided by the stolen car to commit violent crimes.
https://www.krqe.com/news/crime/teen-given-max-sentence-afte...
> One could also argue that
One could also argue that most people didn't bother because violent crimes are much more severely punished; now that the bar is so low, people steal much more. And the stats would back it up
https://images.vivintcdn.com/global/Blog%202022/01-Number-of...
I'm currently driving a rental which has this feature and I can't stand it. There is no added value and this feature exists solely to appeal to people who think it's "cool". (They must exist, right?) I guess you get used to it with time but I find myself constantly having to throw the key back into the car so I can do things like exit momentarily and keep the air conditioning going. I also don't trust that the car won't then lock itself with the key and my child inside, so I also have to remember to roll down the window.
Unwarranted worries. I keep the fob in my pocket all the time, the car will keep running without the fob. Also usually these systems have in-car fob detection. Mine will refuse to lock if it senses the fob is inside the car.
That doesn’t make sense. You can’t lock the car if your key is inside?
So a bad person can just open your door and attack you because you can’t lock your door when your key is inside?
My Camry has in-car fob detection and I can definitely lock the car while the fob is inside.
It won't let you press the button on the handle to lock it if the key is inside and you're not, which prevents you from locking the keys in the car. Mine does the same; the car will beep 3 times if I try to lock it from outside while the key is inside.
If you're also inside, you just press the lock button in the car and it'll lock just fine.
I meant lock the car from the outside, using the door handle.
Thanks for the clarification. Wild to me I didn't know this external lock button was a thing (my car's 16 years old... but I drive a rental a couple times/year...).
It's a huge value feature: I can keep the "key" in my pocket or bag or whatever and I don't have to fetch it out. Plus the "key" can be a phone or other device.
Adding in a stick of metal that can be trivially bypassed does nothing to make the car more secure.
Automotive ignitions, barring a few stupid setups in the 90s like the Jeep XJ (which was laughably easy to steal, but it was Chrysler and AMC so you can just expect certain levels of incompetence and shit design), have been much more than just a simple cut key. Going back to even the 80s, GM had a mostly excellent simple theft deterrent in the keys (a special resistor whose value the ECM knew, called Passkey) that made it harder than just brute forcing the ignition cylinder. It honestly made stealing someone's third-gen or Corvette a lot harder. Keys with things like fobs have evolved since, and on a car with a real key made since the vast majority of this site's user base was probably born it is going to take some real specific smarts and work if you need both a physical key and whatever additional security the manufacturer has cooked into the fob. You really need an immobilizer system that requires both a transponder and a correctly cut key for the security on the car to be decent.
Tumblers can be trivially bypassed or broken. The only thing providing real security in your examples are the transponders. The cut keys are worthless.
If you get rid of the transponder, it has weak security. If you get rid of the cut key, you have pretty much the same security.
> Adding in a stick of metal that can be trivially bypassed does nothing to make the car more secure.
Everyone can use a Flipper Zero to unlock a car. Not everyone can hotwire a car. Keyless ignition means criminals have a vastly larger recruitment pool of people they can offer money to do something stupid (like stealing a car for them).
> Everyone can use a Flipper Zero to unlock a car. Not everyone can hotwire a car.
You live in a tech bubble if you really think this is the case. Attacking a lock cylinder is a much lower-skill attack than a cryptographic attack. Recent car theft epidemics have shown this, e.g. #kiaboys
>> throw the key back into the car so I can do things
Isn't it the same for old style key, but with even more actions? Like to navigate a keyhole, turn the key...
It’s convenient. If I want to keep the AC on when I exit, I push the button for that before I get out.
It’s especially nice when the key is my phone. I never have to worry about keys. I just get in my car and drive, and when I arrive I get out. I keep a key card in my wallet as a backup in case my phone explodes.
> car manufacturers actually like it when their customers' cars are stolen
Hyundai and Kia have joined the chat
Except those guys had it go so far that trying to insure a cheap Kia was extremely expensive, since insurers considered them a toxic asset.
It actually got worse than that -- some insurers in some locations were refusing to insure them at any price.
As a DIY option, there are definitely ways you could add MFA-like security with a simple switch/relay (attached to said authentication factor) in most ignition systems.
However, that wouldn't help with the "desyncing" or unlocking aspects of this attack.
I had a used VW GTI (late last century) with an immobilizer. It let the engine crank but wouldn't start. It also locked the hood from opening, leading to some panic when first getting the car and forgetting it had this feature.
It was a circular key below the steering wheel.
A physical steering wheel lock works too.
Not every problem needs a tech solution.
They're basically describing a hidden kill switch/toggle, which is just as much of a tech solution as the one you're describing.
Of course, they wrapped it in some nerdy terminology, which IMO obscures the intent of their suggestion.
Removable steering wheel. Most thieves do not carry a steering wheel with them.
Rowan Atkinson approves.
https://youtube.com/watch?v=yns_DhYrOpY&t=19m30s
disagree, if you mean simple cut key. a screwdriver defeats it.
ok, if you mean a key that has a chip embedded, where the key cuts are just window dressing and the real magic is still in cryptographic proof of "something you have". i am not aware of any such key ever being produced, but i certainly do not have comprehensive knowledge. GM had something close to that.
Immobilizers (which lock out the engine until there's been some authorization from another device, i.e. from a chip in the key) have been mandatory in cars in the UK at least (and I would presume Europe on similar time scales) for almost 30 years (from 1998). Seems they've been sold in cars for a few years longer than that (from 1992). According to: https://www.carwow.co.uk/guides/glossary/what-is-a-car-immob....
Maybe never introduced into the US market? Would find that hard to believe.
Immobilizers were introduced into the US long before that, but never mandated.
immobilizers that use a chip in a physical key, are to the best of my knowledge, all simple clonable protocols. the predecessor to a code was a simple resistor.
i specifically meant a kind that uses private key crypto. we absolutely could have that today but we've moved on to fobs.
please correct me if I'm wrong ... i haven't studied it that extensively.
Early immobilizers were just resistors, yes. (e.g. GM VATS) However, later "chipped keys" do use strong crypto over short-range wireless.
The "fobs" in modern push-to-start cars actually have two separate radios in them. The one that this article is about is the long-range keyless entry radio, which primarily opens the doors. These all have separate short-range wireless radios that work inside of the car to authenticate the key before you can press the push-to-start button. That is unaffected by this hack.
I’m pretty sure most cars in the later key era used some sort of chip verification on ignition for the key. It wasn’t just a physical thing. Given it was 15 years ago, I don’t know how cryptographic the proof was - perhaps it was just reading a number from the key. But the hyper short range nature of it made it quite secure.
I think the early 90s GM keys with the chip were just resistors in the key body. They stop reading over time, but you can splice in the correct value to bypass.
I've never seen anything but problems with keyless ignitions. It really seems like a solution in search of a problem no one actually had, and makes the car much more irritating. I guess it's in line with the whole remove real controls and buttons crap because "muh software", "muh reprogrammable interfaces" etc that certain nerds think is a good idea for who knows what reason.
I've only ever personally seen failures with keyed ignitions. They are subject to physical wear. This is a problem solved by keyless ignitions which have zero physical wear parts.
I sometimes imagine how much of this could be avoided if the communication signals weren't (a) broadcast or (b) imperceptible to humans.
If it were an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.
If the signals were audible sound, you'd know when someone was jamming it.
In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.
> If it were an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.
You could even take it a step further for extra safety: the door handle could have a slot that requires a specifically shaped piece of metal to be inserted. Only a piece of metal with the correct shape would allow the lock to be opened.
> Only a piece of metal with the correct shape would allow the lock to be opened.
This has been attempted but unfortunately this algorithm is vulnerable to the #ScrewdriverHammer attack.
Science fiction
>If the signals were audible sound, you'd know when someone was jamming it.
This would be very popular in East Asia. They love everything that beeps. Rice cookers play a melody, pedestrian crossings play a melody, garbage trucks play a melody. Japan is the country of beeps.
> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.
Yep, that's the simplest fix. Key is required in the door to open/unlock.
You'd think too that a firmware update to the car could enable that behavior. I mean most cars still have a physical lock on at least the driver's side door as a "back door" to getting into the car if the fob is non-operational.
The problem is that the overwhelming majority of cars are effectively abandonware on this metric.
This is exactly the benefit of the free software, and why having your own ability to fix, recompile and reinstall the software, is essential, even on things such as cars where you may think it's not needed or is too complex to handle.
> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.
Wouldn't the risk be the same if the same rolling code key was used for both locking and unlocking?
I would be surprised if automotive manufacturers used separate rolling code keys for locking and unlocking.
> Wouldn't the risk be the same if the same rolling code key was used for both locking and unlocking?
Yes, what I meant is that such symmetry is not strictly required, and breaking the symmetry opens up ways to enhance security (of unlocking when you arrive) while keeping most of the convenience (of locking while leaving.)
For example, imagine "Lock" is a typical broadcast from anywhere within X meters, but "Unlock" requires touching the fob to an infrared port, and they use independent codes.
Peugeot used to have infrared keys. Several people who thought their central locking was glitchy have been surprised to learn that pointing the key at the side window makes it work every time.
Why is it "dark web"? Nothing is wrong with posting it online; using it in general may be 18 USC 1029/30 in the USA, but...
Why is there so much politicization and clickbait around dark web stuff? It's still the internet.
Because the original hacker is selling the firmware for 1000 USD on dark web marketplaces.
It's literally being sold on dark web. People call everything "dark web" but this time it's correct.
So what's the search term for it at least? This stupid gatekeeping while racking views and hype from it is getting on my nerves.
From the comment under the article and the link to the YouTube video, the firmware seems to be called “Flipper Zero Unleashed”. Seemingly available via Telegram.
Assuming it doesn't do anything else magical, I don't see much point in dignifying it with a web hit, let alone finding out its name.
It's odd to throw in the dark web, thousand dollar firmware bit when third-party firmwares are developed in the open and have long ago already implemented KeeLoq, but I guess they aim for sensationalism and shock value.
So to follow up on my misconceptions, the RollBack attack it is based on is now implemented on underground firmwares and is what is novel. The research itself too is fairly novel and was published in 2022, capable (at least, on paper) of rolling back the cipher state on the receiver, preventing de-sync (and is the crux of why this submission is amazing).
The prior RollJam that I thought this was dates back to Samy's 2015 findings. It turns out 2015's RollJam (unlike RollBack) requires active interference and seems to necessitate the attacker being in the vicinity of both the remote and the receiver.
I'd guess that the original firmware author posted it on some hidden onion forum (aka darkweb), because they are actually stealing from cars.
I doubt it; most Flipper dev is done on the Discords that offer unspectrum/noncertified radio manipulation like iceman, etc.
Sounds like it's newspeak for repurposing the word "internet" to a UK or China style of regulated censorship.
The term "darknet" is actually older than "internet". It was first used to describe networks that were isolated away from ARPANET.
governments are not so enamored with the "just posting code" defense, especially anymore. look at the recent Roman Storm case or what happened with DeCSS back in the day
Roman Storm didn't "just post code." He created, and profited from, a service used by criminals (including the North Korean government!) to launder stolen money.
Of course Storm argues that Tornado Cash is decentralized, but you can't just start a mafia branch, hand out free shares at the mall, and then claim that you actually didn't commit any crimes because you have 10,000 other voting shareholders.
Publishing a contract is basically just posting code. You are saying the primary distinction is the governance token and thus financial benefits accruing to the dev?
Unfortunately that video is lots of talking and little substance, so it's hard to properly evaluate it. From the little info shown there it just looks like a nice repackaging of the old rolling flaws (https://github.com/jamisonderek/flipper-zero-tutorials/tree/...)
> A consequence of this is that the original keyfob gets out of sync, and will no longer function.
I always wonder about this: what is the consequence of that? Can the user reset it, or does it have to be done by a retailer or something?
Depends on the implementation. Most times you just have to click it a few times in a row. The receiver then realizes it missed a few button presses and it re-syncs. I’m not sure what that window is though, at some point it might get so out of sync that the receiver ignores it and assumes it is a wrong fob.
If I remember correctly the size of the rolling window differs, more modern vehicles may allow about 100 code discrepancy before ignoring the transmitter, while old models might have been 5 to 10.
> For this new attack to work, all that is needed is a single button-press capture from the keyfob, without any jamming. Just from that single capture, it is able to emulate all the keyfob's functions, including lock, unlock, and unlock trunk.
If I don't press the buttons on my keyfob am I safe from this?
The only keyfob functionality I normally use is that when it is outside the car but within about a meter of the door handle the door can be locked or unlocked by pressing a button on the door handle.
If you keep your car key close enough to your front door, it's possible to relay the signal that the key is constantly broadcasting closer to the car, allowing an attacker to hit the button on the handle and unlock it without possessing the key.
As I understand there's still challenge/response stuff going on when you use a physical key or similar means to unlock the car or start the ignition (as that is how the alarm system and immobiliser distinguish a real key from someone picking the lock or hotwiring the car).
I don't know the details of the attack in the article, but my speculation would be that it would be vulnerable.
That's an interesting question. Unless that feature uses NFC or some other protocol, I'd think you're still susceptible.
AFAIK it should be a different system because the car asks the key first (same system as Keyless GO).
If the attack causes the original key to no longer work, imo the major threat vector is someone sitting in a parking lot, capturing key presses, performing the attack, and forcing the user to tow+re-program the key as a nuisance, rather than stealing the vehicle
On what car do you _need_ the remote to enter and drive the car (with a tow being the only alternative to e.g. the remote battery dying)? In all cars I have used, you could just use the physical key if the remote failed.
My wife certainly doesn't know how to unlock and start the car without the "keyless" function. Every time the fob runs out of battery, she needs step-by-step instructions; otherwise she's stuck there. She uses and sometimes programs SQL and API calls at work, but knows next to nothing about cars.
In addition to being able to break in and steal anything that’s kept in the car
One doesn't need any keys or other equipment for that. Glass is really fragile unless armored with foil.
And still most thieves don't even bother with doing that, they simply walk around and find a car that was inadvertently left unlocked.
Capture the lock as they walk into a store.
Take the car while they are in the store.
I'm not sure this attack allows starting the car itself.
https://i.blackhat.com/USA-22/Thursday/US-22-Csikor-RollBack...
This is not that. Keyless radio and remote start radio are typically two different systems.
Even more nefarious is preventing the victim from using their vehicle as a refuge or escape from a dangerous situation such as an attempted murder or kidnapping.
Might make for a good movie plot -- but if someone is putting that much thought into premeditating a murder, there's a lot more straightforward ways to trap someone other than elaborate hacking scenarios.
This seems difficult when you can order a Ford fleet key off Amazon and get access to most Ford trucks and vans for about $15.
I guess this attack is against the KeeLoq protocol. There is no known total breakage of this kind AFAIK, against the cryptography implemented in the chip. This will be interesting to understand, I mean: what exactly they are doing here.
A protocol that makes sense would be: mTLS. But. Guess what these fobs do not do? Something that makes sense.
And passkeys. Don't forget passkeys. Trivial to implement in some kB of ROM. /s
You jest but there's no reason to stick with twenty year old component restrictions in a car that costs forty grand.
The real cost will be in the software validation and road safety hardening, but there's no reason why the ROM size should be limited to kilobytes.
You can implement full passkey cryptography on a basic esp32 (https://github.com/polhenarejos/pico-fido). Cut out the cruft and you can definitely get a similarly secure algorithm on an actual car key or key receiver.
And honestly, with cars now unlocking over Bluetooth and WiFi, standardising that process to something like FIDO wouldn't even be that awful of an idea. It certainly beats the "we can do cryptography at home" many car manufacturers seem to be going for.
An ESP32 won't work for 5 years from a coin cell battery. My Dacia key does. Embedded hardware is limited not just because someone wants to save bytes, but because someone wants to save joules (and PCB size).
For the past 20 or 30 years, my insurer made car theft insurance conditional on having an immobilizer device installed that requires code entry through a physical keyboard.
And there were a few years this seemed onerous, but most of the time there were popular attacks in use by car thieves that were prevented (or at least made much longer and more complicated) by this.
Can’t wait for ignorant politicians to ban flipper zero completely instead of accepting the reality that car keyfobs are insecure
AFAIK Flipper Zero is open source, so anyone with tiny bit of electronics experience can recreate it. There's no way to ban it from criminals.
Exactly, but this reality doesn't stop politicians from blaming Flipper Zero itself. See this link for the Canadian government's ban: https://blog.flipper.net/response-to-canadian-government/
The article mentions these manufacturers as being vulnerable:
Chrysler, Dodge, Fiat, Ford, Hyundai, Jeep, Kia, Mitsubishi and Subaru
I'm curious why these and not some other major manufacturers like:
Does anyone have additional insights? Perhaps they just haven't tested enough manufacturers yet? Or perhaps some manufacturers use a different technology that isn't vulnerable to this type of attack?
Automakers typically buy keyless entry systems from third party automotive electronics suppliers. The list in this article is likely all using the same system from the same supplier.
Kind of insane that this works... Surely whoever implemented this knew it was insecure? I honestly wouldn't have thought to check for this vulnerability because... who would do that??
I don't think the word "secure" was ever part of the discussion on keyless entry for cars. They would have used something like "convenience". Secure would maybe be considered in that the car doors are now locked from the keyless. But as far as "secure" being used in regards to the transmission/receiving of the wireless signal? I doubt if it was ever mentioned by anyone other than PR.
It definitely was because they used to not even use rolling codes. Rolling codes were specifically created to prevent replay attacks, and then they somehow thought "oh but if you replay two keys we'll accept them". Insane. They must have just hoped nobody would even think to try that because it's so ludicrous.
Why are so many car manufacturers incapable of using cryptography properly?
Car manufacturers are like automation/control manufacturers; they existed before cybersecurity and never caught up to the pace. If you have ever audited any SCADA system, you will have seen nightmares. For cars, on some new models of popular brands (not specifying any), you can access the CAN bus from the headlight, where you can reprogram the ECM to your new key. It's that simple to "own" a modern car.
PREACH!
Currently sitting in a control room at a greenfield manufacturing facility trying to describe why even VLANning the control network would be a good idea to some controls engineers who want a plant-wide subnet for all PLCs that will be remotely supported by 6 different vendors. The struggle is real
Loosely aware of a controller manufacturer who wanted a Bluetooth/WiFi based password recovery utility with a fixed or predictable recovery key.
They were asked what their exposure would be if someone walked into a datacenter and used their phone to disable all the airconditioning systems.
Do they want the passwords for all their systems to match so they don't need to remember as many?
My suspicion is that they want all the passwords on this site to match the one they use with all their other customers too.
Saves money on password management.
> It's that simple to "own" a modern car.
On the other hand, it's been a great excuse for a hobby project with 12V relays and learning how to write code for an ESP32. :P
I still haven't yet figured out which CAN-bus to tap and which undocumented byte-messages to interpret... but entering the Konami Code on the steering wheel to unlock the ignition is quite plausible. Or an NFC/RFID tag over a hidden reader, or an active bluetooth connection to my phone, etc.
Whatever the case, quite enough to stop the average thief that would target a cheaper vehicle like my own. You could also skip the ESP32, and have a purely analog switch tucked away.
>but entering the Konami Code on the steering wheel to unlock the ignition is quite plausible.
The left, right, left, right part I can see, but surely up, up, down, down, would be difficult on most steering wheels :)
What about media controls? My steering wheel anyway has up and down buttons for skip songs
I've seen one manufacturer's 2024 models at least, which require two keys in range before a third key may be programmed.
Good idea, don't know how effective it is in reality.
Needing two keys for a third one is not new. My 25 year old car needs two keys for adding the third; old Fiats had "red master" keys which were also required when adding keys.
Honda/Acura/Toyota have used similar systems for years; this is one of the reasons why cloning a key costs fewer flagged hours than making a new one for an owner that lost all of them: when you lose all of them you need to get the actual computer out and pair it with the ECM directly, whereas when you clone them there is a ritual that can be done with the other keys plus the new one.
> ritual
I cannot think of a better word to describe the process. The ritual may involve some chanting. Thank you for that :D
Ceremony like what is done for the DNS root signing.
Man wish we could copy that key onto smartphone (Apple needs to add flipper zero's tech to iPhone) for easy keyless access.
That's common, and it's often a bit stricter. E.g. my Ford Lightning has a pocket you have to put the fob into for this kind of activity. For certain things you need both fobs, so you do one, and then the other, as part of a sequence in the programming. Just being in range isn't good enough.
Proper security is a total pain in the ass, and makes things nigh impossible to use in the manner people want to use them. This naturally makes things more expensive to recover from oopsies.
This is why YubiKeys will only ever work for people technical enough to understand them. Normies will lose it at the first chance, and then be locked out of everything. At that point, YubiKeys will be banned by Congress because of all the people writing in demanding something be done about their own inability to not be an ID10T.
As far as car security is affected, "normies" really don't care what the algorithm is. The entire UX is "press button to open car, go to dealership if you need new key" and it allows a wide variety of choices re algorithms.
The only reason they use KeeLoq (with a whopping 32 bits of security!) instead of something normal, like I dunno, AES-128 or something, is because they are trying to save $0.50 in parts on an item they sell for $100. Oh, and because they don't like any change and don't have the organizational ability to use anything recent, like the other poster says.
> The entire UX is "press button to open car, go to dealership if you need new key"
Ironically proper security in this case would likely improve the user experience as well. The car provides a 64 bit (or larger) secret value and you manually program a standardized fob with it. No need for custom parts that are only available from the dealer.
I wonder if it's less about the cost of silicon, and more about the energy budget for a device that uses a button-cell battery.
Even if it's a problem with off-the-shelf stuff, I imagine a car-manufacturer could easily get something all nice and tiny and special-purpose.
The encryption only needs to happen when the button is pressed, and I am pretty sure the radio energy consumption will be much higher than the CPU's.
Airtags transmit much more frequently than car remotes, use similar batteries, and yet do proper security.
Modern keyfobs keep listening and transmitting all the time, as you no longer need to push a button. Just get close enough to the car and it opens.
A terrible "feature", since it means someone can steal your car just by relaying the signal from outside your home at night, or an accomplice walking near you as you're entering the grocery store, etc.
I've become a big believer in leveraging some security features of the physical world, as it seems it's been long enough that everyone's forgetting Therac-25-style problems. (Or, perhaps more accurately, nobody cares because they aren't liable.)
It's not as bad.
Modern keyfobs actually detect motion and if they are motionless for a while, they stop transmitting the signal to both save battery and prevent such attacks.
For old keyfobs, you can get a battery sleeve with integrated motion sensor which does the same (cuts power when fob is not in motion for a while).
Alternatively, some cars let you disable the feature and just use the keyfob as you would use an older one; then you have to push the button anytime you want to unlock the car.
> (with whopping 32 bits of security!)
Ha! DVDs at least had 48 bits. /s
Proper security doesn't need to be perfect security. In the case of car manufacturers, most of their fob implementations are borderline negligent.
You're right. Sometimes I get tired of typing my sudo passwords and wish there was a faster way. Biometrics are not bad.
It really depends on the way biometrics are implemented. If you're doing it Apple style, where a dedicated chip validates biometrics and uses encryption and signatures to prove to the OS that the user is who they say they are, they're as good and trustworthy as the software you're running on them (which in the case of macOS, for instance, requires full trust).
If you're doing the "fingerprints implemented as a webcam" or software based facial recognition from a shitty webcam, you're risking quick and easy bypasses. Still good enough for a computer you leave at home (as long as you don't need to protect yourself against shady law enforcement) but definitely not that secure.
From what I've been able to gather online, nobody but Apple and phone manufacturers seems to care much about actually doing biometrics securely, including the biometrics hardware companies. It's such a shame because it's definitely possible to do better.
Cryptography is actually difficult for the requirements of a key fob.
The principal issue is that requiring two-way communication greatly increases hardware cost and lowers range/reliability. You also would prefer to minimize or eliminate any volatile storage on the devices.
Also you very much want to absolutely minimize the data sent, both for battery life and range/reliability reasons.
And whatever volatile storage the devices have, you need to have some way of handling it being reset when it's lost due to a dead battery or a replaced device.
So standard replay resistant protocols like "door sends a random challenge, fob signs/decrypts/encrypts it and sends the result" are excluded due to the two-way requirement.
The next obvious set, along the lines of "device sends an encrypted counter, door enforces that the counter only goes up", requires nonvolatile storage in both devices, and then gets tripped up when the fob's counter goes back down due to being reset. (Also harder to implement multiple fobs, as they each need unique state.)
Agree about the requirements but disagree that it's difficult.
Two way communication and a few KiB of nonvolatile storage on the fob shouldn't be a deal breaker when an ESP32 dev board runs under $10 (an ESP32 being massive overkill for the described use case).
The device sending an encrypted counter is also trivially easy. There's no reason a modern vehicle can't store hundreds (or thousands, or tens of thousands ...) of { u64 fob_id, u64 fob_key, u64 fob_counter } triplets. Push it up to 128 bits if you're paranoid, it won't have a meaningful impact on resource usage.
Case in point regarding the car storing state, the (broken) rolling window algorithm they use requires that the car track the window and accept presses that are out of sync by a decently wide margin. That's likely more complicated and resource intensive than simply enforcing that the nonce only ever goes up.
The rational conclusion is that the manufacturers are either incompetent or malicious. I firmly conclude the latter given that the fobs they offer that are actually secure introduce vendor lock in and a charge to replace a key.
What you're describing is basically KeeLoq, which is one of the most common rolling code systems. It sends a 28-bit serial number, a 4-bit button code, a 2-bit code for repeat and low battery, and a 32-bit encrypted part with an incrementing sequence number.
The rx enforces the sequence goes up.
You press button to open. Attacker lets the first sequence go through and the door opens, while the button is still down the attacker jams your second transmission while capturing it themselves.
Now they have a code they can use to open again when you're not around, assuming you don't use it again in the meantime.
If you wonder how vulnerable systems keep getting deployed without it being malicious, you don't need to look any further than the nearest hotshot that thinks everything is "not that difficult" and that everyone else is incompetent.
Security of any kind is just hard. The defender must defend against any possibility while the attacker needs just one vulnerability. How much cost and range and battery life are worth losing when the attacker can just punch through a window with their fist?
You misrepresent my position. The attack you describe isn't the one being discussed here. Unless I've completely misunderstood, the algorithm itself was broken here.
As to the attack you reference. It's active and touchy to pull off. It doesn't particularly concern me but of course would be better if it weren't possible. To that end I'm not clear why there's a double transmission with two distinct and independently usable codes? What am I missing?
I thought the attacker jammed, recorded two user attempts (ie two distinct button clicks, neither being permitted through initially), then rebroadcast the first attempt while retaining the second for later.
> The rx enforces the sequence goes up.
Except that there's apparently a rolling window to support recovering from desync. Which to me sounds more complicated and error prone than a simple nonce that can only ever go up.
Really though the manufacturers ought to (IMO) accept the extra dollar or five on the BoM that it would take to get proper two way communication.
> Cryptography is actually difficult for the requirements of a key fob.
No, it's not.
> The next obvious set is along the lines of "device sends an encrypted counter, door enforces that the counter only goes up"
That's already how rolling codes work. Running a strong crypto algorithm (even Ascon/Speck would be fine here) requires negligible power.
The issue is that this system is still susceptible to jam+replay attack. An attacker can jam the transmitter signal, while recording it at the same time. The user assumes that the button press just didn't register and tries again. The attacker also jams this and records the code. But then the attacker replays the _previous_ code that they stored, keeping the latest code for their future use.
This can _also_ be fixed with a simple capacitor-powered timer circuitry, charged during the keypress. The device can stay completely inert at all other times.
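A toy model of the "encrypted counter, receiver enforces it only goes up" scheme discussed in the two threads above (the {fob_id, fob_key, fob_counter} table, the resync window, and what happens when the fob's counter resets). This is an added example, not code from the article or any vendor: KeeLoq's block cipher is replaced by a truncated HMAC tag with the counter sent in the clear, and the serial, key, button codes and window size are constructed.

```python
"""Constructed rolling-code receiver model (not KeeLoq; HMAC tag stands in for the cipher)."""
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

BUTTON_UNLOCK = 0x1   # constructed 4-bit button codes
BUTTON_LOCK = 0x2


def _tag(fob_key: bytes, serial: int, button: int, counter: int) -> bytes:
    """32-bit keyed tag over (serial, button, counter); stands in for the encrypted block."""
    msg = struct.pack(">IBI", serial, button, counter)
    return hmac.new(fob_key, msg, hashlib.sha256).digest()[:4]


@dataclass
class Fob:
    serial: int          # 28-bit serial number as in the frame layout described above
    key: bytes           # per-fob secret shared with the receiver at pairing
    counter: int = 0     # nonvolatile on a real fob; lost on reset in this model

    def press(self, button: int) -> dict:
        self.counter += 1
        return {"serial": self.serial, "button": button, "counter": self.counter,
                "tag": _tag(self.key, self.serial, button, self.counter)}


@dataclass
class Receiver:
    window: int                               # max forward jump accepted (missed presses)
    fobs: dict = field(default_factory=dict)  # serial -> [key, last_counter]

    def pair(self, fob: Fob) -> None:
        # Pairing stores the {fob_id, fob_key, fob_counter} triplet from the thread above.
        self.fobs[fob.serial] = [fob.key, fob.counter]

    def accept(self, frame: dict) -> str:
        entry = self.fobs.get(frame["serial"])
        if entry is None:
            return "unknown fob"
        key, last = entry
        expected = _tag(key, frame["serial"], frame["button"], frame["counter"])
        if not hmac.compare_digest(expected, frame["tag"]):
            return "bad tag"                  # counter or button edited without the key
        delta = frame["counter"] - last
        if delta <= 0:
            return "replay"                   # counter never goes backwards or repeats
        if delta > self.window:
            return "out of window"            # too many missed presses: treat as foreign
        entry[1] = frame["counter"]           # commit new high-water mark
        return "ok"


def run_scenario() -> list:
    """Walk the receiver through the cases the thread argues about; returns (label, verdict)."""
    fob = Fob(serial=0x0ABCDEF, key=b"constructed-demo-key")
    rx = Receiver(window=16)
    rx.pair(fob)
    log = []
    f1 = fob.press(BUTTON_UNLOCK)
    log.append(("first press", rx.accept(f1)))                 # ok
    log.append(("same frame again", rx.accept(f1)))            # replay
    f2 = fob.press(BUTTON_UNLOCK)                               # press that never reached the car
    f3 = fob.press(BUTTON_LOCK)
    log.append(("later press", rx.accept(f3)))                 # ok: delta 2 is inside the window
    log.append(("older frame delivered late", rx.accept(f2)))  # replay: counter already passed
    for _ in range(20):                                         # presses far out of range
        fob.press(BUTTON_LOCK)
    log.append(("far-ahead press", rx.accept(fob.press(BUTTON_LOCK))))  # out of window
    forged = dict(f3, counter=f3["counter"] + 1)                # tag no longer matches
    log.append(("edited counter", rx.accept(forged)))          # bad tag
    fob.counter = 0                                             # battery change wipes fob state
    log.append(("after fob reset", rx.accept(fob.press(BUTTON_UNLOCK))))  # replay: must re-pair
    return log


if __name__ == "__main__":
    for label, verdict in run_scenario():
        print(f"{label:28s} -> {verdict}")
```

The last case is the trade-off the thread names: a strictly monotonic counter makes a stale capture worthless, but a fob that loses its counter has to be re-paired rather than resynced.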
If only almost everyone carried a computer with a radio and local storage and a good battery with them almost everywhere
with a battery life of two years? and durable against going through the washing machine?
If you want simplicity and ruggedness we should never have moved away from steel keys.
Very few keys are made of steel. Brass is the most common material.
The problem with brass is that it wears away and the small shavings of metal gunks up the lock mechanism.
Mercedes used steel keys to avoid this.
The reason these vulnerabilities affect many brands is because they don’t use cryptography. They buy these electronics from other suppliers.
You can ask this question about almost every non-software company. Hell, you can ask this question about most software companies.
The real question is "why are most people and companies incapable of using cryptography properly?"; and the answer is that doing cryptography right is hard, especially if your use case isn't a common one.
To some degree customers love it. It allows you to program your own replacement key without having to go through the manufacturer or an official dealer.
No doubt they would charge $100 or more for just clicking a button and having the equivalent of an NFC writer.
When my favorite quadruped knocked my keys into the trash I had to get my car towed to the dealer for them to program me a new key. On one hand, top notch security as it was impossible to do any other way. On the other hand the total to get this done was something like $500 after everything.
I did this to myself by placing my keys in a pocket of a bag that I've never used before when returning to the airport parking. I found the keys in the bag after paying to have it re-keyed after paying for the tow from the airport to the closest dealer.
This is totally something I'd do. I'm very organized when I travel for work and everything has a place. If I absentmindedly slip something into the wrong part of my bag, it might as well be invisible..
I have a photographic memory for items dropped in a terrible mess, years later "oh that thing is there under this and that"
I also have a problem with thinking of wise places to leave something and then it is gone forever unless I dig through 75% of everything I own. After I find it I am reminded of what my thought process was.
Get a bluetooth tracker (Apple Air Tag, Samsung Smart Tag or the generic Google Find My compatible one for other Android devices), set it up with your phone and attach it to your car keys.
Then anytime you misplace your keys, you can look at a map on your phone and it will show you where to go.
Yeah, big +1 on this tip. I have AirTags on my bags themselves as well as some other things. Don't have them on my key fob, but you may have inspired me to attach one haha.
The map thing when you're nearby and it goes into the sonar-like mode is super cool. Especially combined with the ping noise.
Airtag in the glove compartment of your car.
Oh this is brilliant. Why haven't I thought of this?
I travel a lot for work and always take a pic of my parking space number. A few weeks back I forgot to, realized I forgot before I got in the security line and was like.. nah, I won't forget on a short trip.
When I got back later that week I walked the entire floor of the garage, about 25 minutes.
Yea, hiding one in the car is a great idea, too.
I'm a great example of "for someone supposed to be smart, you do the dumbest things"
Haha, I heard this a lot growing up. And now I have kids of my own..
Well they don't call them stealerships for nothing.
I wonder who makes more money on this. The car dealer or the manufacturer.
You can have strong cryptography + ability to self-pair. See bluetooth or wifi or zigbee or many other technologies..
Maybe the car manufacturers should just give up and adopt BTLE. Proper security, and you could unlock with your phone.
What does? The article is very unclear about what exactly this does.
The attacks to rolling code keys are well known but these keys continue to exist. They allow you to pair a key yourself to the car that you buy online. Particularly in the US it's quite common that people buy used cars and then another key online that they pair themselves.
You won't be able to do this for instance with VAG cars that have KESSY. First of all the immobilizer is paired to the key, secondly the only way to pair a new key to it is via the manufacturer or a licensed dealership because you need a blob from their central server. But the consequence is that people feel like they are being fleeced when they need another key, because it can cost you hundreds of dollars to pair one.
In general these types of attacks are much harder in Europe where immobilizers have a legal minimum standard that manufacturers have to meet. On the other hand in the US immobilizers are entirely optional, which has famously led to KIA and Hyundai cars shipping without them and the Kia Boys TikTok phenomenon.
> But the consequence is that people feel like they are being fleeced when they need another key, because it can cost you hundreds of dollars to pair one.
Because they ARE being fleeced. It's an artificial dependency on the vendor on the one hand versus a blatantly insecure approach on the other.
Secure pairing that can be done by the end user isn't rocket science.
It is a bit rocket science because cars stand around. The CAN bus can even be externally accessed if you pop open the right part of the car (a common fault is adaptive headlights). It is not as trivial as people make it out to be because cars violate one of the most important principles of having good security: no physical access.
That has nothing to do with secure pairing. It's an entirely orthogonal concern. Any sensitive system on a vehicle is going to be subject to the same thing.
I don't think anyone will be surprised if the security is swiss cheese once you pop the hood open or bust a headlight out. Keep in mind that a brick to the window and tearing up the center console will get you physical access to the head unit on most vehicles.
It is trivial:
1. Initiate pairing via the entertainment system interface.
2. Use rolling codes. Don't allow rewinding the codes.
3. Add a tiny tiny bit of non-volatile memory in the keys so that batteries can be changed without breaking the key. This is only necessary if the car can't be entered using the physical key, otherwise the user can just open the car with the physical key, turn on the ignition and re-pair the key.
I could make a secure system to do this and I'm no crypto genius. (Note this would still be vulnerable to rolljam but that's not a very practical attack, and defeating that is a bit difficult.)
To support car hire/share places if they want to prevent users pairing new keys you could allow setting a password on the pairing interface.
That's more or less already how the rolling code based systems work. The problem of course is that if you have access to one of those keys (or use rolljam to get one or more codes) you have enough to get another key added.
That isn't the problem, at least not the major one that led to this discussion. It's that the algorithm used is broken. It's example number 9001 of why you should never roll your own crypto for a commercial application. (Amusingly example 9002, TETRA radios, was also on the HN frontpage around the same time).
First of all they did not roll their own crypto, it's just not the most modern crypto any more. Secondly while this particular permutation of the issue is related to bad crypto, it's cascading a completely different issue which is that it's just fundamentally possible to pair a key with physical access which is easy to get.
From Wikipedia:
> KeeLoq is a proprietary hardware-dedicated block cipher that uses a non-linear feedback shift register (NLFSR).
Pretty much any proprietary encryption algorithm is going to qualify as "rolling your own".
"Not the most modern" is a gross understatement.
I can forgive the original authors since it dates to the 1980s and AES wasn't standardized until 2001. (Only just barely though given that DES dates to 1977.) I can't forgive vehicle manufacturers that are _still_ using it (or things significantly like it) 25 years later.
I hope that products manufactured post 2005 use strong publicly available cryptography. After 2010 I fully expect it. After 2015 I view any failure in that regard as gross negligence that ought to be legally actionable.
> it's just fundamentally possible to pair a key with physical access which is easy to get.
I don't follow?
> Pretty much any proprietary encryption algorithm is going to qualify as "rolling your own".
It came out of a university and was acquired.
> I hope that products manufactured post 2005 use strong publicly available cryptography.
A lot of the challenges are related to key pairing and relaying of wireless information in combating with jamming. It’s a tricky thing to secure given the circumstances.
> I don't follow?
Cars stand around 99% of the time and are easy to get into. Pairing protocols assume that physical access is restricted / not possible. That's why it's so much harder to secure car key pairing. What would make it more secure is delegating the security to a remote service which is secured. E.g.: what Tesla does with their keys.
That changes nothing. The idea behind not rolling your own isn't just deliberate expert design but also open review by other unrelated experts.
> It’s a tricky thing to secure given the circumstances.
You are hand waving and you are wrong. If you are going to make claims then be specific and make solid points. The various algorithmic solutions are simple and common knowledge these days. I went into more detail in adjacent comments.
By your own logic the physical entry key isn't secure either. After all the car is just sitting around - anyone could jimmy the lock. Similarly all it takes is a decent photograph or two with a telephoto lens to reproduce your typical physical key that will get you in the door.
But all of that is entirely off topic. The broken and outdated wireless algorithm has nothing to do with the criteria used by the vehicle to decide whether or not someone is authorized to enroll or revoke a key. Tie that to possession of the physical key and problem solved. If you can't drive off with the vehicle then you can't pair a new fob either.
> The various algorithmic solutions are simple and common knowledge these days.
Honestly I'm not really sure what you are trying to get to. If you think this is a solved problem, it's really not. [1]
> The broken and outdated wireless algorithm has nothing to do with the criteria used by the vehicle to decide whether or not someone is authorized to enroll or revoke a key. Tie that to possession of the physical key and problem solved.
It has something to do with it in the sense that key pairing that just requires physical presence through the key is susceptible to rolljam type attacks. Likewise the NFC attacks against Tesla also involved enrolling a new key on the car via a relay attack to a present NFC key. You're saying this is so easily solvable, yet time and time again it's shown that this is just a really hard problem to solve.
[1]: https://arxiv.org/pdf/2505.02713
Yeah exactly - requiring either an existing physical key, or an impractical rolljam attack is much better than what they have apparently implemented.
But the attack claims to not need access to the car to initiate any kind of pairing sequence...
Yes. With rolling codes this vulnerability and similar ones are known for a very long time.
Seems to be from 2022. I wouldn't say that is "a very long time".
The fundamental flaws with this approach to keys is known since before 2015, but got a lot of international recognition when people found cheap ways to emulate keys through cheap software defined radios around that time.
I don't think so. The Flipper Zero isn't an SDR.
What's the earliest reference to this attack you can actually provide?
I’m talking about the earliest cases. The earliest references depend on the particular standard of crypto. KeeLoq is a very famous rolling code standard where attacks go back to 2007 and earlier.
RollJam is known since 2014 [1]. It was popularized later through a custom device [2].
[1]: https://spencerwhyte.blogspot.com/2014/03/delay-attack-jam-i...
[2]: https://www.wired.com/2015/08/hackers-tiny-device-unlocks-ca...
They're not. There is AFAIK an ssh key infrastructure for OnStar that's modern and well-run, for example.
Things like key fobs are most likely very incremental changes on "this is the way we've always done it". These organizations are behemoths and steer with all of the inertia of a containership.
And tend to get stuck in their ways like a container ship stuck in the suez canal
It's not like the systems they used for physical keys were ever very robust either.
Like when just putting in a usb-A anything into the steering column and letting the car drive away? Nah man, no one will figure it out. We're good. Our backdoors are the best
Why don't cars use public key crypto? Is it too expensive to run on a key?
Probably power-wise, yeah. Most keys only have little coin batteries and people want those to last for years.
I have a "smart" BMW car key and it inhales the battery. I don't think it can go more than a couple of weeks without having to be charged.
Could charging in the ignition be good enough to keep it full? Or a secondary dock at home?
I don't really like the idea of short term key batteries, but it sounds like bmw can improve the current system a lot.
There's no ignition in BMWs anymore. Even if you don't go for the full keyless package, the start is still keyless. You just pay extra to have the doors be keyless too.
Why isn't a link to the repo/firmware the first link in the article?
Most likely because it's made up.
Cool, I was planning to get a spare car key, not anymore!
Also, glad I have one before they would ban it. It’s a neat tool that I have everything I want there, instead of having 4 fobs, one garage remote, plenty of IR remotes, it’s AIO. Plus I don’t have to pay fees to replace my lost fobs
Sadly, it won't work as an extra key, because it causes the original key to stop working.
Welp, that’s a bummer! Have you tried it?
It says in the article
In that case, it mostly will be used in a bad way.
Yeah, by "researchers".
You can be sure that this attack has been well known to intelligence agencies for a while.
Who needs an attack when you've got backdoors and secret courts?
Even a secret court requires probable cause... evidentiary chain of custody etc.
Why not both?
Perhaps I should start using Bluetooth and the mobile app instead...
Just use a physical key whenever in public. That should solve part of the issue. I still do that whenever the car is parked in a public parking lot.
So I guess it's back to locking the door manually before I close it, and being absolutely sure I don't leave the keys in the car.
If you're leaving your keys in the car, you have worse vulnerabilities to worry about.
Is there a cheap device you can make yourself or buy from India? Flipper Zero is not easy if not impossible to buy.
For this project let's say
Am I the only one that just hates push to start in every way? Sure, I don't need to have the "insert key and crank" to be real, but physical key seems so superior.
Feels like getting rid of the light switches in your house in favor of "smart home" stuff.
I liked my old 'rolla that I could start with any key at all.. or even a paddlepop stick.
Every time I start thinking about these little modern inconveniences, I re-arrive at the idea that this is yet another example of the difference between a product and a tool.
A product ideally works the same for everyone, with as little friction to the immediate function as possible. All other functions are hidden or deleted. Trying to use a product as a tool is slow and frustrating, because the experience never gets better than the first time you use it.
A tool on the other hand needs learning. Sometimes that learning curve is shallow and long, like a hammer, or steep and long like CAD.
Smart home stuff can be pretty great if you treat it like a tool, and only use it where it is the right tool for the job (so, not light switches).
Anyway, I prefer tools.
You mean the key and crank that could be started with a screwdriver and some elbow grease?
I guess you have a Kia. Most cars made in the past 20 years have keys with immobilizer chips.
I mean, keep using your key if you like it. I for one love never having to touch my car keys. I touch my door handle the car unlocks, I touch the start button the car starts.
You're not the only one.
Also, smart people wire their smart home so that the light switches still work. If a smart home controller or some other part of the system fails, people still want to be able to control the lights manually.
That isn't what this article is about. This is about keyless entry.
Keyless start is a different thing, and uses a different wireless system.
I'm on the other end of the spectrum apparently, I'm annoyed that I even have to carry a key/fob. I'd rather have a fingerprint sensor or something, with the key as a backup (i.e. when I let someone borrow it).
I also have a smart home ;)
I also dislike it when people "fix" things that are not broken.
Jokes on them, I lost my key fob years ago.
cool, I needed a new car, thanks
Pretty sure you want an old car to avoid this one. A bicycle would also avoid it.
Unless you're my son who has to buy a new bicycle lock every month because he loses his bike keys.
Get your son a key ring with a chain and make him attach it to his bag or his pants somewhere.
Tile Pro and AirTag on the keys, and probably on the bike too.
AirTags require people having iPhones. Tile requires people with the app. I've lost things with both these items on them and never saw a ping from them ever again.
Well, yeah, there are limitations to everything. They're not going to work on stolen devices when they're overtly advertised in cutesy keyfob holders that say "throw me away first". Use your brain because you have to disguise them on some objects.
AirTags and Tile Pro work fine wherever there are other people. They're not going to work in the Atacama.
They worked fine every time I used them. I recently sent a laptop to France and included one of each. Sometimes the Tile pinged and sometimes the AirTag pinged, but they worked really well across continents.
I also have about 4 of each in a vehicle left unattended for a while in a parking garage that doesn't have a great deal of people around it. And all of them ping at least once a day. The Tile Pros have ~100m LoS range which are quite a bit more than previous ones from years ago.
I dropped one on a keychain on a sidewalk. It never pinged. That was an AirTag.
The other was the time I left my car keys on top of my car. Someone took the keys and put them in a random nearby business’s lost and found. The tile never pinged over the course of days and I had to find it the old fashioned way.
These things never worked for me, but it’s good to know that mail delivery people use these apps/devices that will let you track your packages in realtime.
I didn't realize I dropped AirPod Pros in a case with an AirTag. I watched them bounce around inside an unoccupied Google building like it was picked up by Google's security people. Then, I watched it commute to a residential area of a smaller town. The defunded local police wouldn't even possibly look into it until 48 hours later and only if they wanted to, and the smaller town police wouldn't do anything. It pinged for a day or two afterwards like someone had thrown it into a/their neighbor's trash can.
Lesson: Don't lose shit.
Combo lock
I think the person you are replying to was implying that they can get a new car if their current one gets stolen. (And I suppose if this continues, like a realtor, we will all just keep getting new cars every few years, ha ha.)
Walking also would avoid it. Bicycles produce brake dust!
Anybody knows of a simple non-destructive anti-theft mode like a fuse-switch one can easily install himself on basically any modern car? I need something I can remove and the manufacturer/dealership cannot then see I used it (otherwise they may try to whine about me having broken the car manufacturer warranty).
One of my older (collectible) cars has various anti-theft helpers, including trackers. I also remove its steering wheel (easy, no airbag). Then I disconnect the battery. But then my favorite on that car is a kill-switch I had installed on the fuel pump: it's hidden and you flip the switch, car stops instantly. On that one, if thieves want to steal it they either have to come with a steering wheel, find the trackers, find the switch, hook up the battery or come with a tow truck (they'd still need to get rid of the trackers though).
But yup I'd like to know if there's a simple fuse-switch DIY that's non destructive: basically something I can remove and put back the regular fuse and the car dealership would be none the wiser that I used one.
Anyone know of such a thing?
What practical use does this have? From my reading if I capture an unlock signal, the car will not unlock for the owner, so they’ll press their remote a few times.
If I capture a lock signal, presumably I can instead prevent it from locking. The only real world malicious action I can see is being viable is to block the car lock, meaning the car is still in an unlocked state, open the boot (which I’m guessing can be done from the car dash anyway) then locking it afterwards?
This attack lets you use all the functions of the key fob, and not just the action captured.
It makes no suggestion that it’s possible to start a push-to-start car.
Someone looking to break into your car will probably use a brick, not a flipper zero.
Bricks attract lots of attention in busy parking lots. An unlock chirp, removing some bags, and walking off will appear legitimate to bystanders.
It's Flipper Zero performing this
https://i.blackhat.com/USA-22/Thursday/US-22-Csikor-RollBack...
Suggests that it can be used to start a car. Whether it was a fob start or push start isn't specified.
Which slide suggests this? I didn't find anything suggesting you could start a car with rollback
> Whether it was a fob start or push start isn't specified.
... It's literally in the title on the first slide.
It is only an attack on keyless entry. Keyless start systems all use a different short-range radio system.
An attack on keyless entry might let someone trigger a remote starter if supported, but this doesn't enable anyone to drive the vehicle, because you will need to authenticate with the keyless start system after entering the vehicle before you can put it in drive (and to keep the engine running for longer than the predetermined timeout).