kj4ips · 4 months ago
Tons of the rolling key systems on the market are based on KeeLoq, and KeeLoq is a fairly well designed system with a big linchpin.

It has something called a 'manufacturer key', which needs to be available to any device that allows field pairing of remotes. If that manufacturer key is known, it only takes two samples from an authenticator to determine the sequence key.

Absent the manufacturer key, jamming+replay attacks work, but brute forcing a sequence key is generally prohibitively costly.

However, since any receiver that supports field programming needs the magic "manufacturer key", one could purchase such a unit, and may be able to extract said key.

userbinator · 4 months ago
They could've designed a system that doesn't require a fixed secret master key, but instead generates a unique random key for each receiver and requires a physical connection between the fob and the receiver (located inside the locked part of the car) to pair them. Of course such a generic system would be against manufacturers' interests in controlling the repair and aftermarket industry.
phire · 4 months ago
You don't even need a physical connection.

As long as you have two-way wireless communication (which any keyless entry/start system does), then you can simply do a Diffie-Hellman key exchange during the pairing process.

Diffie-Hellman is designed for exactly this use case, allowing two parties to derive a shared secret key over a public channel without exposing it.

garaetjjte · 4 months ago
>If that manufacturer key is known, it only takes two samples from an authenticator to determine the sequence key.

Not if a seed with appropriate length is used. Though I don't know how common that is; back in 2008 the authors noted that "We would like to mention that none of the real-world KeeLoq systems we analyzed used any seed" (https://www.iacr.org/archive/crypto2008/51570204/51570204.pd..., section 4.3).

nroets · 4 months ago
Correct. While the original KeeLoq cipher is most likely no longer secure, Microchip moved on to AES.

KeeLoq is also used for garage door openers.

Some KeeLoq receivers have a "learning mode" where it adds the next KeeLoq transmitter it hears provided it uses the same manufacturer key.

Learn mode is activated either with a button often on the PCB or with a "master" transmitter.

https://en.wikipedia.org/wiki/KeeLoq

RachelF · 4 months ago
This is why keyless "start button" functions on cars are a bad idea.

The old approach of keyfob to unlock the car and a real key for the ignition is safer.

Having multiple levels of security is good.

However, having worked in the car security industry many years ago, I discovered that car manufacturers actually like it when their customers' cars are stolen: insurance payouts often result in another sale.

bri3d · 4 months ago
As far as I know no vehicles use this kind of rolling code algorithm for push button start, only key fob functions. Certainly not in Europe (due to immobilizer regulations) but I don’t believe anywhere else either.

Generally, long range key fob button functions and the short range start release functions are separated, both intentionally for security reasons and due to the different problem space occupied by each.

It’s also worth noting that European makes in general tend to have much better cryptographic key security. My understanding is that this is due to a combination of regulation, a relationship between insurance and automakers which requires some security standard, and a high rate of theft leading to an adversarial environment.

majke · 4 months ago
Can you expand on the “immobilizer regulations”? I wasn’t aware any of this was regulated.
tekknik · 4 months ago
> Generally, long range key fob button functions and the short range start release functions are separated, both intentionally for security reasons and due to the different problem space occupied by each.

I don’t think this is true. For instance, how does the key fob trigger a start sequence for vehicles equipped with remote start? They must be connected to the same CANBUS, so the key fob can interface with the start systems. This is also how a lot of vehicles are stolen, because of abuse/misuse of CANBUS (i.e. headlights being addressable on CANBUS).

inferiorhuman · 4 months ago
> It’s also worth noting that European makes in general tend to have much better cryptographic key security.

Counterpoint:

https://www.usenix.org/system/files/conference/usenixsecurit...

derektank · 4 months ago
Pretty short-sighted, given how much we've seen insurance rates climb for specific makes. People know you'll be paying through the nose for certain Hyundai models. That kind of brand damage can't be cheap.
appreciatorBus · 4 months ago
Sure, but in my experience, people never attribute high insurance costs to the underlying risks being high; rather they blame that on the insurance companies and then vote for people who promise to “do something about it”.

I’m sure there is brand damage from people hearing that a particular car is frequently stolen, because having your car stolen is a pain. I am skeptical the analysis reaches deeper than this first level though.

vel0city · 4 months ago
Note those Hyundais relied on old-fashioned cut keys and not electronic transponders, and the solution was electronic transponders because the old-style stuff was so trivially bypassed.
nextlevelwizard · 4 months ago
I know this might be splitting hairs, but...

>The old approach of keyfob to unlock the car and a real key for the ignition is safer.

"Safe" feels like the wrong word to use here. Safety is not the same as security.

One could also argue that criminals being able to steal parked cars is safer overall for society, as they then don't feel the need to carjack you while you are actually in the vehicle.

If you actually want to keep your car secure (meaning criminals won't break into it or steal it, in this context), just drive an old beater and do not leave anything valuable in the car or trunk. I am driving a car that is nearly as old as I am; it's fighting a losing battle against rust and I have nothing more valuable than trash inside the car.

leoedin · 4 months ago
> One could also argue that criminals being able to steal parked cars is safer overall for society, as they then don't feel the need to carjack you while you are actually in the vehicle.

Here in the UK vehicle theft reached an all-time low in 2014. It’s doubled since then. If there was an increase in carjacking it must have been minuscule by comparison. It’s not really a crime that happens here.

I had an old beater van that got stolen. It turned out that model was known to be easy to steal. I suspect most car theft is done because it’s easy and fairly low risk. Walk up to a car in the night, fiddle around for a few minutes and drive off.

I still drive a car with a key. It’s completely fine. Who actually asked for keyless entry?

a96 · 4 months ago
Old beaters are exactly the things that get stolen. Their security can often be beaten with a butter knife or coat hanger. That's more about minimizing the losses, for which it's a useful approach. Running costs tend to be lower as there's little purchase price and no incentive to do expensive repairs instead of dumping a broken one for another running beater.
xlii · 4 months ago
If someone wants to steal the car, they will steal it.

Stealing a car is not the same as stealing candy. In Europe all parts are marked, so it takes significant effort to sell or modify such cars. It's not like people steal them and then sell them at yard sales.

As for the "beaters": shortly after the Russian invasion of Ukraine, plenty of cars were stolen in Poland. Not the expensive kind, but usually 10-30 year old cars with big and reliable engines (V6, V8). I know 6 people who had Jeep Grand Cherokees stolen (different generations).

My uncle wanted to renovate an Isuzu Rodeo with a completely rusty frame but a V6 engine worth something like 300€, and it was stolen too.

And it happened ~1 month after it started.

jiscariot · 4 months ago
Where I live, the ability for the "Kia Boys" to easily steal cars really boosts their effectiveness at robbing people at gunpoint. Sprees of 20 people being robbed by the same group. It's not poor kids who lack school transportation options, doing their best to get by.
lupusreal · 4 months ago
Strong disagree. Many car thefts are by POS teenagers who do it because it's easy and they can get away with it. They then proceed to drive those cars recklessly, endangering the lives of other people, or worse, use the sense of anonymity and power provided by the stolen car to commit violent crimes.

https://www.krqe.com/news/crime/teen-given-max-sentence-afte...

lm28469 · 4 months ago
> One could also argue that

One could also argue that most people didn't bother because violent crimes are much more severely punished; now that the bar is so low, people steal much more. And the stats would back it up:

https://images.vivintcdn.com/global/Blog%202022/01-Number-of...

ethagnawl · 4 months ago
I'm currently driving a rental which has this feature and I can't stand it. There is no added value and this feature exists solely to appeal to people who think it's "cool". (They must exist, right?) I guess you get used to it with time but I find myself constantly having to throw the key back into the car so I can do things like exit momentarily and keep the air conditioning going. I also don't trust that the car won't then lock itself with the key and my child inside, so I also have to remember to roll down the window.
vachina · 4 months ago
Unwarranted worries. I keep the fob in my pocket all the time; the car will keep running without the fob. Also, usually these systems have in-car fob detection. Mine will refuse to lock if it senses the fob is inside the car.
vel0city · 4 months ago
There's a huge value feature: I can keep the "key" in my pocket or bag or whatever and I don't have to fetch it out. Plus the "key" can be a phone or other device.

Adding in a stick of metal that can be trivially bypassed does nothing to make the car more secure.

ponector · 4 months ago
>> throw the key back into the car so I can do things

Isn't it the same for old style key, but with even more actions? Like to navigate a keyhole, turn the key...

wat10000 · 4 months ago
It’s convenient. If I want to keep the AC on when I exit, I push the button for that before I get out.

It’s especially nice when the key is my phone. I never have to worry about keys. I just get in my car and drive, and when I arrive I get out. I keep a key card in my wallet as a backup in case my phone explodes.

boobsbr · 4 months ago
> car manufacturers actually like it when their customer's cars are stolen

Hyundai and Kia have joined the chat

Hamuko · 4 months ago
Except those guys had it go so far that trying to insure a cheap Kia was extremely expensive, since insurers considered them a toxic asset.
someothherguyy · 4 months ago
As a DIY option, there are definitely ways you could add MFA-like security with a simple switch/relay (attached to said authentication factor) in most ignition systems.

However, that wouldn't help with the "desyncing" or unlocking aspects of this attack.

acomjean · 4 months ago
I had a used VW GTI (late last century) with an immobilizer. It let the engine crank but wouldn’t start. It also locked the hood from opening, leading to some panic when first getting the car and forgetting it had this feature.

It was a circular key below the steering wheel.

_kb · 4 months ago
A physical steering wheel lock works too.

Not every problem needs a tech solution.

jiveturkey · 4 months ago
Disagree, if you mean a simple cut key. A screwdriver defeats it.

OK, if you mean a key that has a chip embedded, where the key cuts are just window dressing and the real magic is still in cryptographic proof of "something you have": I am not aware of any such key ever being produced, but I certainly do not have comprehensive knowledge. GM had something close to that.

gchadwick · 4 months ago
Immobilizers (which lock out the engine until there's been some authorization from another device, i.e. from a chip in the key) have been mandatory in cars in the UK at least (and I would presume Europe on similar time scales) for almost 30 years (from 1998). Seems they've been sold in cars for a few years longer than that (from 1992). According to: https://www.carwow.co.uk/guides/glossary/what-is-a-car-immob....

Maybe never introduced into the US market? Would find that hard to believe.

leoedin · 4 months ago
I’m pretty sure most cars in the later key era used some sort of chip verification on ignition for the key. It wasn’t just a physical thing. Given it was 15 years ago, I don’t know how cryptographic the proof was - perhaps it was just reading a number from the key. But the hyper short range nature of it made it quite secure.
tmerc · 4 months ago
I think the early '90s GM keys with the chip were just resistors in the key body. They stop reading over time, but you can splice in the correct value to bypass.
rpcope1 · 4 months ago
I've never seen anything but problems with keyless ignitions. It really seems like a solution in search of a problem no one actually had, and it makes the car much more irritating. I guess it's in line with the whole "remove real controls and buttons" crap because "muh software", "muh reprogrammable interfaces", etc. that certain nerds think is a good idea for who knows what reason.
kube-system · 4 months ago
I've only ever personally seen failures with keyed ignitions. They are subject to physical wear. This is a problem solved by keyless ignitions which have zero physical wear parts.
Terr_ · 4 months ago
I sometimes imagine how much of this could be avoided if the communication signals weren't (a) broadcast or (b) imperceptible to humans.

If it were an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.

If the signals were audible sound, you'd know when someone was jamming it.

In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.

pch00 · 4 months ago
> If it were an electrical contact in the door handle, it would be very difficult for anyone to monitor or inject other signals.

You could even take it a step further for extra safety: the door handle could have a slot that requires a specifically shaped piece of metal to be inserted. Only a piece of metal with the correct shape would allow the lock to be opened.

kube-system · 4 months ago
> Only a piece of metal with the correct shape would allow the lock to be opened.

This has been attempted but unfortunately this algorithm is vulnerable to the #ScrewdriverHammer attack.

skinner927 · 4 months ago
Science fiction
meindnoch · 4 months ago
>If the signals were audible sound, you'd know when someone was jamming it.

This would be very popular in East Asia. They love everything that beeps. Rice cookers play a melody, pedestrian crossings play a melody, garbage trucks play a melody. Japan is the country of beeps.

CryptoBanker · 4 months ago
Japan loves that stuff inside their homes, but in public, silence is a rule that trumps all others.
JKCalhoun · 4 months ago
> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.

Yep, that's the simplest fix. A key is required in the door to open/unlock.

You'd think too that a firmware update to the car could enable that behavior. I mean most cars still have a physical lock on at least the driver's side door as a "back door" to getting into the car if the fob is non-operational.

cnst · 4 months ago
The problem is that the overwhelming majority of cars are effectively abandonware on this metric.

This is exactly the benefit of free software, and why having your own ability to fix, recompile and reinstall the software is essential, even on things such as cars where you may think it's not needed or is too complex to handle.

misswaterfairy · 4 months ago
> In practice, my number one use of a fob from a remote distance is locking, rather than unlocking, and those two operations don't have the equivalent security risk.

Wouldn't the risk be the same if the same rolling code key was used for both locking and unlocking?

I would be surprised if automotive manufacturers used separate rolling code keys for locking and unlocking.

Terr_ · 4 months ago
> Wouldn't the risk be the same if the same rolling code key was used for both locking and unlocking?

Yes, what I meant is that such symmetry is not strictly required, and breaking the symmetry opens up ways to enhance security (of unlocking when you arrive) while keeping most of the convenience (of locking while leaving).

For example, imagine "Lock" is a typical broadcast from anywhere within X meters, but "Unlock" requires touching the fob to an infrared port, and they use independent codes.

rootsudo · 4 months ago
Why is it "dark web"? Nothing is wrong about posting it online; using it in general may be USC 18 1029/30 in the USA, but

Why is there so much politicization and clickbait about dark web stuff? It's still the internet.

karel-3d · 4 months ago
Because the original hacker is selling the firmware for 1000 USD on dark web marketplaces.

It's literally being sold on dark web. People call everything "dark web" but this time it's correct.

gear54rus · 4 months ago
So what's the search term for it at least? This stupid gatekeeping while racking views and hype from it is getting on my nerves.
Perz1val · 4 months ago
I'd guess that the original firmware author posted it on some hidden onion forum (aka darkweb), because they are actually stealing from cars.
rootsudo · 4 months ago
I doubt it; most Flipper dev is done on the Discords that offer unspectrum/noncertified radio manipulation, like iceman, etc.
phaser · 4 months ago
Sounds like it’s newspeak for repurposing the word “internet” to a UK or China style of regulated censorship.
kube-system · 4 months ago
The term "darknet" is actually older than "internet". It was first used to describe networks that were isolated away from ARPANET.
whimsicalism · 4 months ago
Governments are not so enamored with the “just posting code” defense, especially anymore. Look at the recent Roman Storm case or what happened with DeCSS back in the day.
rafram · 4 months ago
Roman Storm didn't "just post code." He created, and profited from, a service used by criminals (including the North Korean government!) to launder stolen money.

Of course Storm argues that Tornado Cash is decentralized, but you can't just start a mafia branch, hand out free shares at the mall, and then claim that you actually didn't commit any crimes because you have 10,000 other voting shareholders.

palata · 4 months ago
> A consequence of this is that the original keyfob gets out of sync, and will no longer function.

I always wonder about this: what is the consequence of that? Can the user reset it, or does it have to be done by a retailer or something?

brk · 4 months ago
Depends on the implementation. Most times you just have to click it a few times in a row. The receiver then realizes it missed a few button presses and it re-syncs. I’m not sure what that window is though, at some point it might get so out of sync that the receiver ignores it and assumes it is a wrong fob.
siffin · 4 months ago
If I remember correctly the size of the rolling window differs; more modern vehicles may allow a discrepancy of about 100 codes before ignoring the transmitter, while old models might have been 5 to 10.
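A simplified model of the counter window brk and siffin describe, added here as an illustration; it is not code from any comment and not KeeLoq's actual cipher (an HMAC tag stands in for the encrypted hopping code, and the serial, key and window sizes are constructed values).

```python
import hashlib
import hmac

# Constructed model of a rolling-code fob and receiver, illustrating the
# resync window discussed above. It is NOT KeeLoq: an HMAC-SHA256 tag stands
# in for the encrypted hopping code, and all keys and serials are made up.
TAG_LEN = 4  # bytes of the tag sent over the air


def code_tag(key: bytes, serial: int, counter: int, button: str) -> bytes:
    """Authentication tag binding serial, counter and button to the key."""
    msg = f"{serial}:{counter}:{button}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


class Fob:
    def __init__(self, serial: int, key: bytes):
        self.serial, self.key, self.counter = serial, key, 0

    def press(self, button: str) -> tuple:
        """Each press advances the counter, whether or not the car hears it."""
        self.counter += 1
        return (self.serial, self.counter, button,
                code_tag(self.key, self.serial, self.counter, button))


class Receiver:
    def __init__(self, window: int):
        self.window = window   # how far ahead of the last counter we accept
        self.keys = {}         # serial -> key, learned at pairing time
        self.last = {}         # serial -> last accepted counter

    def pair(self, fob: Fob) -> None:
        self.keys[fob.serial] = fob.key
        self.last[fob.serial] = fob.counter

    def receive(self, frame: tuple) -> str:
        serial, counter, button, tag = frame
        key = self.keys.get(serial)
        if key is None:
            return "unknown fob"
        if not hmac.compare_digest(tag, code_tag(key, serial, counter, button)):
            return "bad tag"
        last = self.last[serial]
        if counter <= last:
            return "replay rejected"   # old or repeated code: never accepted
        if counter > last + self.window:
            return "out of window"     # fob drifted too far: needs re-pairing
        self.last[serial] = counter    # accept and move the window forward
        return f"accepted:{button}"


def resync_demo(window: int, missed_small: int, missed_large: int) -> list:
    """Normal use, a replayed frame, a small drift (resyncs), a large drift."""
    fob = Fob(serial=0x123456, key=b"constructed-demo-key")
    rx = Receiver(window)
    rx.pair(fob)
    results = []
    frame = fob.press("lock")
    results.append(rx.receive(frame))            # fresh code: accepted
    results.append(rx.receive(frame))            # same frame again: rejected
    for _ in range(missed_small):                # presses the car never heard
        fob.press("lock")
    results.append(rx.receive(fob.press("unlock")))  # within window: resyncs
    for _ in range(missed_large):
        fob.press("lock")
    results.append(rx.receive(fob.press("unlock")))  # beyond window: ignored
    return results


if __name__ == "__main__":
    print(resync_demo(window=100, missed_small=50, missed_large=200))
```

Running it with window 100 shows the third press re-syncing after 50 missed presses and the last press being ignored after 200; with window 10 even the 50-press drift falls outside the window.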
finaard · 4 months ago
Unfortunately that video is lots of talking and little substance, so it's hard to properly evaluate it. From the little info shown there it just looks like a nice repackaging of the old rolling flaws (https://github.com/jamisonderek/flipper-zero-tutorials/tree/...)
tzs · 4 months ago
> For this new attack to work, all that is needed is a single button-press capture from the keyfob, without any jamming. Just from that single capture, it is able to emulate all the keyfob's functions, including lock, unlock, and unlock trunk.

If I don't press the buttons on my keyfob am I safe from this?

The only keyfob functionality I normally use is that when it is outside the car but within about a meter of the door handle the door can be locked or unlocked by pressing a button on the door handle.

panki27 · 4 months ago
If you keep your car key close enough to your front door, it's possible to relay the signal that the key is constantly broadcasting closer to the car, allowing an attacker to hit the button on the handle and unlock it without possessing the key.
waste_monk · 4 months ago
As I understand there's still challenge/response stuff going on when you use a physical key or similar means to unlock the car or start the ignition (as that is how the alarm system and immobiliser distinguish a real key from someone picking the lock or hotwiring the car).

I don't know the details of the attack in the article, but my speculation would be that it would be vulnerable.

ethagnawl · 4 months ago
That's an interesting question. Unless that feature uses NFC or some other protocol, I'd think you're still susceptible.
Gare · 4 months ago
AFAIK it should be a different system because the car asks the key first (same system as Keyless GO).
theoreticalmal · 4 months ago
If the attack causes the original key to no longer work, imo the major threat vector is someone sitting in a parking lot, capturing key presses, performing the attack, and forcing the user to tow+re-program the key as a nuisance, rather than stealing the vehicle
mormegil · 4 months ago
On what car do you _need_ the remote to enter and drive the car (with a tow being the only alternative to, e.g., the remote battery dying)? In all cars I have used, you could just use the physical key if the remote failed.
randunel · 4 months ago
My wife certainly doesn't know how to unlock and start the car without the "keyless" function. Every time the fob runs out of battery, she needs step-by-step instructions, otherwise she's stuck there. She uses and sometimes programs SQL and API calls at work, but knows next to nothing about cars.
summermusic · 4 months ago
In addition to being able to break in and steal anything that’s kept in the car
ponector · 4 months ago
One doesn't need any keys or other equipment for that. Glass is really fragile unless armored with foil.
protocolture · 4 months ago
Capture the lock as they walk into a store.

Take the car while they are in the store.

boudin · 4 months ago
I'm not sure this attack allows starting the car itself.
kube-system · 4 months ago
This is not that. Keyless radio and remote start radio are typically two different systems.
goda90 · 4 months ago
Even more nefarious is preventing the victim from using their vehicle as a refuge or escape from a dangerous situation such as an attempted murder or kidnapping.
kube-system · 4 months ago
Might make for a good movie plot -- but if someone is putting that much thought into premeditating a murder, there are a lot more straightforward ways to trap someone than elaborate hacking scenarios.