Stories
Slash Boxes
Comments

SoylentNews is people

Hackers Can Clone Tesla Key Fobs in Seconds

posted by CoolHand on Tuesday September 11 2018, @05:07PM   Printer-friendly
from the twinning-trivially dept.

Bytram (from IRC) writes:

Hackers Can Clone Tesla Key Fobs in Seconds | SecurityWeek.Com:

[...] The attack described by KU Leuven researchers has four major phases. In the first phase, the attacker obtains the targeted vehicle's identifier, which is transmitted periodically. The identifier is then used to impersonate the vehicle and send two challenges to the key fob.

The response pairs are captured and the 40-bit encryption key can be recovered, allowing the attacker to impersonate the fob and unlock and start the car.

An attack can be conducted using Proxmark 3, a $400 tool designed for RFID analysis, from a distance of 1 meter (3 feet). However, experts believe the distance can be increased to up to 8 meters (26 feet) if purposely build antennas and transmission hardware are used.

This research focused on the PKES system used in the Tesla Model S. However, the analyzed PKES system is made by Pektron and is used by several other manufacturers, including McLaren, Karma and Triumph, which means their vehicles could be affected as well.

Tesla has worked with the researchers to implement measures that should prevent attacks, but none of the other companies responded to attempts to report the flaws.

[...] In general, these types of attacks can be prevented by keeping the key in a special box or pouch that blocks RF transmission. However, this defeats the purpose of the keyless entry and start system.

The researchers do not plan on making public any of the tools they have developed, but a paper containing technical details will become available soon.

Related: Tesla Model X Hacked by Chinese Experts

Related: Chinese Researchers Remotely Hack Tesla Model S

Original Submission

 
This discussion has been archived. No new comments can be posted.
Hackers Can Clone Tesla Key Fobs in Seconds | Log In/Create an Account | Top | 25 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by ledow on Tuesday September 11 2018, @09:51PM

    by ledow (5567) on Tuesday September 11 2018, @09:51PM (#733342) Homepage

    People have been stealing BMW's by key-relay attacks for over a year now.

    You get a box/laptop, you go to a house with a BMW parked outside. You aim an amplified antenna at the house, and stand near the car. Chances are that someone's left their car keys not far from the front door.

    The box relays the car signal to the key and the key signal back to the car. The car sees the relayed signal from the key and assumes you are near and (stupidly) lets you open the doors and start the engine.

    You get in, drive off.

    You're sleeping in your bed, when you wake up your car is gone, even though your keys are still in your trouser pocket. There are dozens of documented cases and a handful with CCTV of the culprits pulling off the attack.

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3