|
|
|
|
|
|
by pandaman
3744 days ago
|
|
|
As you can see on the picture yourself, the inside/outside zones are very close to each other. Locating a key with such a precision based on the signal strength alone does not seem possible for following reasons: the key's transmitter is too small to provide stable signal level, the key is located in very anisotropic environment, the car itself changes its shape and hence RF loss from different directions. |
|
|
Yes, the actual key itself is located by the car based on Low Frequency RFID.
The attack described is a relay attack, which means that the key can be spoofed in real time by relaying short range radio transmissions to two locations.
The mistaken assumption of the security system is that the short range communication protocol used by the car and the key requires the key to be in close proximity to the car.
Since the communication may be relayed, the range assumption is invalid. The main suggestion is to use high precision timing to determine the range, as it is very difficult to cheat on the speed of light.
I agree that "signal strength" is not the best way to phrase the above in a technical discussion.
I have not seen any indication that triangulation or any other physical location system is used in vehicle PKES.