Luxembourg Uni Researchers Join Honda to Overcome Car Key Fob Attacks
Two IT experts at the uni’s Interdisciplinary Centre for Security, Reliability and Trust (SnT) will be working to improve the security of the tech, which unlocks the vehicle when the user gets within range and locks it when they walk away.
Such systems have been exposed to so-called 'relay attacks' for years. Thanks to kit readily available on the darknet, thieves are able to capture the car-owner’s key signal, amplify it and send it to a vehicle-side relay box, allowing them to unlock and drive away vehicles.
Such attacks are becoming increasingly common across the globe, prompting a December 2016 warning from the US National Insurance Crime Bureau (NICB).
Automobile associations such as the German ADAC have also developed customer awareness campaigns around the attacks.
It warned that car thieves could carry out a relay attack even with the key fob sitting inside a user’s house. It claimed the components to carry out such an attack could be bought online for as little as €100.
The ADAC also warned that because the crime leaves no trace of any illegal entry, car owners who report their vehicle missing could come under suspicion of attempted insurance fraud if the vehicle is later found completely intact.
Researcher Thomas Engel and his team have begun working on a solution that works with a smart device, such as a phone or a smart watch.
It analyzes the "distance bounding protocol" – the time the signal needs to travel from the key to the car – and if it takes too long, foul play is suspected and the car will automatically lock.
“A big challenge will be the amount of interference on the 2.4 GhZ band because nearly all wireless devices use this frequency nowadays,” said researcher, Florian Adamsky. “Since the distance bounding protocol is very time-critical, it will also prove difficult to implement that protocol on a normal smart device.”
Symantec has looked at this problem before, recommending in a 2015 paper that car-makers focus on “digital capture of location, signing data on capture, and using secure boot and code signing to ensure that firmware isn’t tampered."
Source: Information Security Magazine