Comment by mppm 15 hours ago

13 replies

I'm confused why this is still an unsolved problem. A simple cryptographic challenge with pre-shared keys + button press ought to make key fobs perfectly secure for all practical purposes. Is there something I'm missing here?

GuB-42 14 hours ago

It requires two-way communication, which makes the system more complex, with all the negatives that come with it.

Cars are not very secure by nature: they have easy-to-break glass windows, and are made of relatively lightweight materials. The key system just needs to match that level of security, and AFAIK, attacks on the key fob are uncommon compared to other, less subtle techniques.

The more complex and sensitive "PKES" system, according to the article already has a challenge-response system, but it doesn't help with relay attacks.

blibble 14 hours ago

yeah, this is what the article is describing as to what it was like in the early 2000s (assuming no moronic key reuse)

the problem is they "improved" the usability

it was safe when you had to push a button, but now roles are flipped so the car is the initiator, and doing it constantly

the protocol is now subject to a whole entire extra class of attacks it was never designed to deal with

mberger 15 hours ago

You have to be able to get new keys made without having an original to read. A database of VIN/key pairs would be too big of a target and would have to be shared with dealers anyway so they could program new ones. I'm not a security expert, but it seems like it would really shorten battery life on the fob if you wanted to protect against replay attacks by adding a time-sensitive value.

  • mppm 15 hours ago

    Key distribution is (as always) an important, but solvable problem. There are some tradeoffs involving centralization vs cost of replacement, but those apply generally, not just in this particular case.

    As for replay attacks, that's where the button press comes in (like on a hardware security token) -- the key only responds to challenges within a second or so of a button press and the car sets a similar timeout for validity.

2rsf 15 hours ago

Battery life maybe? AFAIK most remotes work one way only; they don't have a receiver and have very low processing power.

PinguTS 15 hours ago

This adds complexity, and with complexity there comes a price tag. That would make the key fob more expensive. It also adds higher power requirements, which then come with new requirements for the battery.

  • mppm 15 hours ago

    Re price tag: you can buy a smartphone for $100. Surely it is possible to mass-produce cheap key fobs with send/receive capability and a tiny crypto module.

    Re power: Key fobs already do some form of crypto and broadcast. Adding reception capabilities ought not to be that power hungry.

    • Iolaum 15 hours ago

      Even better, they can use a smartphone app. We already have a battery-powered device that can emit radio signals in various frequencies!

      • ryandrake 13 hours ago

        I've got an even better solution: Picture a piece of metal, cut in a specific way so as to allow metal "tumblers" inside a small cylinder to turn, engaging and disengaging the locks and/or ignition, whereas other pieces of metal, cut differently, would not allow any motion. I know, it sounds far out there, but we should give it a shot.

        • vel0city 12 hours ago

          That doesn't sound very secure at all. I've heard there are little known techniques called "lockpicking" and "rakes" that make such technology practically useless.

unnouinceput 15 hours ago

And how will that protect you from a repeater attack? I just steal your car while you are in the mall with this, just as easily, encryption or not. I don't care about the signal, just that I capture it, send it to my other device near your car and kaboom!, your car is unlocked.

  • SirMaster 14 hours ago

    How does repeating work if both the car and key use a code that changes every time, like a 2FA app?

    • AlotOfReading 13 hours ago

      TOTP relies on synchronized clocks, which is far, far too complicated to work here.