

Car theft by relaying signals from wireless keys - bensummers
http://www.technologyreview.com/computing/27037/page1/

======
yatsyk
_Car thieves of the future might be able to get into a car and drive away
without forced entry and without needing a physical key, according to new
research that will be presented at the Network and Distributed System Security
Symposium next month in San Diego, California._

Sadly, this future has already been in Russia for a long time. This Google-
translated article [1] from 2006 is about different code-grabbers. Car
insurance prices differ depending on whether you have an additional, not-so-
easily-breakable wireless alarm installed.

[1] [http://translate.google.ru/translate?js=n&prev=_t&hl...](http://translate.google.ru/translate?js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&sl=ru&tl=en&u=http://www.autoreview.ru/archive/2006/21/ugon/)

------
harshpotatoes
So, the attack starts out with the car stopped, and some sort of equipment to
amplify the keyless entry signals to the car and vice versa, so the car thinks
the key is within range. The car starts, and they drive away from the
amplification system. What happens when the car drives out of range of the key
while it is running? Does the engine just turn off, or does it keep going
until you press the engine off button? I wish I had a car to experiment
with... but on the other hand I'll stick with the old fashioned keys, even if
those are rather easy to get past too.

~~~
Deestan
> What happens when the car drives out of range of the key while it is
> running? Does the engine just turn off[...]?

Would be nasty. Imagine the car key running out of battery on the motorway.

~~~
kreneskyp
The key doesn't have a battery. It's usually RFID.

~~~
count
On my Lexus it's both active and passive RFID. If you start the car and the
key is 'active', you have to keep it in the cabin, or the car starts
complaining (I've not been brave enough to drive with it not in there...).

If you start the car with the key as passive (i.e. dead battery - you have to
hold it on the ignition button to be detected), it recognizes the difference
and doesn't complain.

~~~
kreneskyp
Just because it's "active" doesn't mean the FOB needs a battery for the RFID
to work. The car could periodically check for the key.

If your RFID required a battery, and required that it constantly be on, then
the battery would need to be replaced often. Couple this with your car
potentially shutting off in the middle of the highway and you've got a very
unsafe car.

I know for certain that VW keys do not need the battery for the RFID to work.
The battery is only used for remote lock/unlock. Perhaps other cars are
different, but I'd consider that a design flaw.

edit: forgot to mention that my VW does not even have physical locks except
for the glovebox. A dead RFID battery, if it had one, would mean I was
stranded. I'm actually not sure what happens if my car battery dies while the
car is locked.

~~~
count
The fob battery does die fairly often (replace it once/twice a year?).

My car has no _visible_ physical locks - there's a small notch under the
driver's door handle; you can pop off a piece of the handle using the fob, and
then there is a physical lock you can get into the car with (no way to open
the trunk until you turn the car on).

I've had to do this a few times :)

Like I said, you can still use the key to start the car, but if the battery is
dead, you have to hold it up to the start button.

------
JoachimSchipper
This comes after e.g. the KeeLoq debacle: see
[http://dblp.mpi-inf.mpg.de/dblp-mirror/index.php?query=keelo...](http://dblp.mpi-inf.mpg.de/dblp-mirror/index.php?query=keeloq).
Summary: cryptographically securing remote car keys/garage openers is an
improvement (older products just broadcast the password), but badly
implementing outdated custom algorithms is... not as useful as the car
industry seems to hope.

I'll stick with "real" keys for a while yet.

~~~
nobody_nowhere
Do they still sell new cars with traditional keys?

~~~
JoachimSchipper
If you look at e.g.
[http://www.bmw.com/com/en/newvehicles/3series/sedan/2008/all...](http://www.bmw.com/com/en/newvehicles/3series/sedan/2008/allfacts/equipment/exterior.html)
and click the second icon under the image, "comfort access" - this seems to be
optional. And we're not talking a thirty-year-old Skoda here.

~~~
nobody_nowhere
Ah. I was just thinking of keyless entry (which is definitely standard on that
BMW), rather than the keyless start.

------
barryaustin
This is a protocol flaw. The design assumes that proximity (signal) implies
authorization, but the researcher proved this isn't always the case. The
protocol should at least provide assurance that authorization really comes
from the person who has the key fob. Old style physical keys do that, and so
do key fobs with buttons.

------
pmjordan
I'm confused. The article seems to be about the ignition key mechanism, yet
claims no trace of forced entry, which is unrelated. Surely you need to unlock
the car doors and disable the alarm/immobiliser before you can drive off with
it? Or are we assuming people leave their cars unlocked?

Also, once you've driven the car away, you'll have to find another way of
starting it in future; relaying still needs some kind of physical access
(albeit at 8 metres distance) to the original key.

(I'm aware of broken crypto in some wireless keys, which is purely an
implementation issue - you can make these secure. That's not what this article
is about. Quote: _The attack works no matter what cryptography and protocols
the key and car use to communicate with each other._ )

~~~
gvb
The "keys" in question are the ones that magically unlock the car when you are
"close." The attack is a "man in the middle" attack that basically fools the
car into thinking the owner is nearby when he isn't, so the car unlocks and
enables the ignition.

Apparently, once the ignition is enabled, you can drive off without needing
the key "nearby" (interesting experiment, I'll have to try that next time I
get a "keyless entry" rental). Once you can drive off, the car is pwned - you
can strip it for parts (chop shop) or fully defeat the key/ignition security
away from prying eyes.

~~~
pmjordan
Oh, I see. All the wireless car keys I've seen need a button to be pressed to
unlock the driver's door.[1] I'll have to watch out for buttonless keys when
buying a car next; it seems a pretty unsafe concept in itself, e.g. a loitering
hijacker getting in the car before you do/with you, etc.

[1] You usually need to press the button a second time to unlock the remaining
doors. There's also often a separate button to independently unlock the boot.
A typical procedure is therefore: open boot with the relevant button, put
shopping inside, close boot, take trolley back to the stand, walk back to the
car, unlock only the driver's side, get in, lock door with button from the
inside, drive off.

------
jimmybot
This could be fixed with an on/off button on the fobs, no? It takes some of
the convenience out of the fob, but it would still be somewhat easier than
fiddling around with a physical key, though quite a bit of convenience is
lost.

Another way would be to attach the key to something like a smartphone. The car
finds its location via GPS and stores it on a server somewhere. If the fob
receives a signal from what it thinks is the car, it asks the smartphone to
confirm its location is near the car's location. The fall-back in case the
smartphone is out of battery or the car did not post its location would be
this vulnerable method where the fob simply responds if it has received the
message from the car.

------
JonnieCache
Surely car design/manufacture is _much_ harder than implementing proven
crypto? The mind boggles. Crypto is a solved problem as far as protecting
passwords goes. How can such huge companies continue to get it wrong?

If I made cars, I'd make sure I'd solved this problem on my products, then buy
some TV adverts showing thieves in carparks bumping other manufacturers' locks
wirelessly with ease. Perhaps backed by graceful classical music. Try and make
it look like the advert was bought by my rivals and aimed at car thieves.

Although that might be asking for it...

~~~
varjag
> Surely car design/manufacture is much harder than implementing proven
> crypto?

No crypto is broken in this scenario.

~~~
JonnieCache
Keeping track of your secrets is as essential a part of a crypto
implementation as the algorithm used. As I understand it, they could have used
something like this:
[https://secure.wikimedia.org/wikipedia/en/wiki/Socialist_mil...](https://secure.wikimedia.org/wikipedia/en/wiki/Socialist_millionaire)

EDIT: I understand now, having read more carefully, about how this particular
MITM attack works. Nasty. The only solution would seem to be to give up some
convenience.

------
stcredzero
I bet a lot of wireless keys are insecure because someone's pointy-haired boss
told an engineer it would be cheaper to implement the device by _leaving out
the challenge-response_.

Untold Billions are probably lost every year by someone in charge ignoring
something learned by freshmen undergrads.

~~~
bensummers
The described attack would quite happily work even if there was a challenge-
response system. It works by effectively extending the range of the key,
automatically unlocking the car _using the key_ even though the key is so far
away the owner won't notice you stealing the car.

