by rtpg 1220 days ago
I thought keyless fobs all had some sort of counter to prevent replay attacks

Relay, not replay attack. For vehicles that unlock and push to start based on the proximity of the key, basically all you need to do is use a pair of software-defined radios to trick the car into thinking that the key is there. Hence a relay attack, where one attacker is located near the key and the other is located near the vehicle, and the two attackers pass the components of the challenge/response to the vehicle via the channel between the two attackers.
Don't they use time of flight?
but that of course would cost more money to implement correctly with no further flaws, and many companies are opting for other solutions: https://www.carwow.co.uk/blog/keyless-car-theft-prevention

Many, many cars are vulnerable to it and will be for a long time.

Newer fobs, sure. But as this article demonstrates, it is very expensive and inconvenient to backport security improvements to millions of vehicles.
Ah, that makes sense. Thanks for the detailed explanation.
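An added example, not part of the thread or any vendor's code: a small Python model of the distinction discussed above, showing that a counter stops a replayed response but accepts a relayed one, and that a time-of-flight bound on the round trip is what rejects the relay. The key, HMAC message layout, distances, processing time and latency figures are all constructed assumptions.

```python
import hashlib
import hmac
import os

C = 299_792_458.0        # speed of light, m/s
MAX_RANGE_M = 2.0        # assumed policy: fob must be within 2 m of the car
PROCESSING_S = 1e-6      # assumed fixed fob processing time (constructed value)
RTT_BUDGET_S = PROCESSING_S + 2 * MAX_RANGE_M / C
KEY = b"constructed-demo-key"  # constructed shared secret

def fob_response(key, challenge, counter):
    """Genuine fob: MAC over the car's challenge and its own counter."""
    msg = challenge + counter.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()

def round_trip(distance_m, extra_latency_s=0.0):
    """Round-trip time seen by the car for a fob at distance_m."""
    return PROCESSING_S + 2 * distance_m / C + extra_latency_s

class Car:
    def __init__(self, key):
        self.key = key
        self.last_counter = 0

    def verify(self, challenge, counter, response, rtt_s, check_tof):
        if counter <= self.last_counter:
            return "reject: stale counter (replay)"
        expected = fob_response(self.key, challenge, counter)
        if not hmac.compare_digest(expected, response):
            return "reject: bad response"
        if check_tof and rtt_s > RTT_BUDGET_S:
            return "reject: round trip too long (relay suspected)"
        self.last_counter = counter
        return "unlock"

def run_scenarios():
    results = {}
    car = Car(KEY)
    ch1 = os.urandom(16)
    resp1 = fob_response(KEY, ch1, 1)
    results["legit"] = car.verify(ch1, 1, resp1, round_trip(1.0), True)
    # Replay: recorded (counter, response) sent again against a fresh challenge.
    results["replay"] = car.verify(os.urandom(16), 1, resp1, round_trip(1.0), True)
    # Relay: the real fob, 50 m away, answers a fresh challenge over a forwarded
    # link, so counter and MAC are valid. Only the added delay differs.
    ch2 = os.urandom(16)
    resp2 = fob_response(KEY, ch2, 2)
    rtt = round_trip(50.0, extra_latency_s=20e-6)
    results["relay_without_tof"] = Car(KEY).verify(ch2, 2, resp2, rtt, False)
    results["relay_with_tof"] = car.verify(ch2, 2, resp2, rtt, True)
    return results
```
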