Model S key fobs could be cloned in seconds to steal cars




Security experts have warned that Tesla Model S key fobs can be cloned in seconds.

According to a study by the Computer Security and Industrial Cryptography (COSIC) group, a division of the Belgian Catholic University of Leuven, vulnerabilities in the Passive Keyless Entry and Start system of the high-end electric car could be exploited.

"We implemented a proof of concept attack that allows [users] to clone a keychain in seconds," said the experts in a report released Monday. "The attack device consists of a Raspberry Pi 3 Model B+, Proxmark3, Yard Stick One and a USB battery pack." Wired, which first reported news of the vulnerability, said the technology needed to clone a key fob costs about $600.

In a video uploaded to YouTube, the researchers can be seen completing the cloning in four steps: they retrieve the car's identifier, capture frequency activity near the key fob, recover the cryptographic key, and assume the identity of the key fob. The whole process takes less than two minutes.

The attack probably affects other manufacturers, including McLaren, Karma and Triumph, but the researchers said the companies had not responded to their reports. The fob system was purchased from a company called Pektron and is not Tesla's own design, they noted.

For disclosing the attack, Tesla paid a $10,000 bug bounty to the university team. The automaker last month confirmed new security updates, including "enhanced cryptography" for its key fobs.

"Based on the research presented by this group, we worked with our vendor to enhance the security of our keychains by introducing more robust cryptography for Model S in June 2018," a spokesperson told Wired this week. "A corresponding software update for all S Series vehicles allows customers with cars built before June to switch to new keychains if they wish."

Is there a fix?

According to COSIC, there are a number of short-term measures that Tesla customers can take. These include using a Faraday bag to block RF transmissions and modifying the key fob "by adding an extra push button, which only activates low frequency communication when you press it".

Electrek, a blog dedicated to the electric transport industry, reported in July that Tesla had warned Model S owners about "relay attacks," the same type of attack used by COSIC.

"You can reduce the risk of unauthorized entry by disabling passive entry in public spaces or by storing your key in a holder that blocks electromagnetic transmissions, such as RFID blocking sleeves or Faraday cages."

The news came after two homeowners in Germany reported the theft of their cars by thieves who potentially cloned key fobs. Integrated GPS tracking can ultimately deter criminals, Electrek noted.

Tesla Model S vehicles have a feature that allows users to track them using their smartphone.

While the research team said it would soon present a detailed technical summary of the results, would-be car thieves should not expect it to give them useful information. "We will not publish all the necessary tools to get out and steal the vehicles involved," says the report. "At a later stage, we will publish parts of the tools that can help other researchers."

Last year, British police released footage of a so-called relay attack, showing thieves stealing a vehicle without needing the real key fob. In addition, research conducted in 2016 warned that "millions of vehicles around the world" were threatened by keyless entry attacks.
