Keyless systems on cars easily hacked, researchers say
Researchers at Switzerland's ETH Zurich University show how passive keyless entry and start systems can be compromised
Computerworld - The passive keyless entry and start (PKES) systems supported by many modern cars are susceptible to attacks that allow thieves to relatively easily steal the vehicles, say security researchers at Switzerland's ETH Zurich University.
In demonstrations using 10 cars from eight makers, the researchers showed how they were able to unlock, start and drive away the cars in each case, by outsmarting the smart key system.
The break-ins were carried out using commercial, off-the-shelf electronic equipment available for as little as $100, the researchers said in a paper describing their exploits.
Although the possibility of such attacks on keyless systems has been discussed previously, it has not been clear before if they would be feasible on modern cars, the researchers said. "In this paper, we demonstrate that these attacks are both feasible and practical," they said.
The keyless systems exploited in the Zurich demonstrations are designed to let car owners lock, unlock and start their vehicles without having to take the key fob out of their pockets. They allow car doors to unlock when the person carrying the key approaches the vehicle, and to lock them when the person walks away from the vehicle.
To start the keyless vehicle, the user needs to be inside the car with the key on their person or within the car. There is no need, however, for the key to be inserted physically into the ignition lock to start the vehicle.
The car and the key fob communicate with each other using a combination of both Low Frequency and Ultra High Frequency radio signals. The door lock and unlock functions, asw well as the engine start functions, are activated by the proximity of the key fob to the car. When the key is brought close to the car, it issues a command to open the car and turn on the ignition.
For the experiment, the researchers used a pair of commercially available loop antennas for capturing beacon signals from the car and relaying it to the key fobs. The antennas were used to fool the car into believing the key fob was in closer proximity to the vehicle than it actually was.
First, one of the antennas would be placed on the exterior of the car, close to the door handle, to pick up signals from the vehicle and relay it to the second antenna located some distance away. Signals received by the second antenna would then be picked by the key, which would relay instructions back to the car to unlock the doors.
- Reducing the cost and complexity of endpoint management IBM now offers simpler, more affordable solutions for improving endpoint security, patch compliance, lifecycle management and power management within midsized organizations. Read this...
- The Business Value of Continuous Delivery Download this whitepaper to learn more about the business value of Continuous Delivery and see why it could be a game changer for...
- Ten Factors Shaping the Future of Application Delivery Download this research report conducted by Enterprise Management Associates (EMA) to learn how those that are seeking to accelerate application delivery are leveraging...
- Software Asset Management: Ensuring Today's Assets Today's trends like BYOD and SaaS are new and exciting in terms of how they will help make our jobs more productive but...
- IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- Leveraging Flash Storage to Accelerate Oracle Real Application Clusters Join this webinar to understand the latest solid-state storage trends, the specific applications driving solid-state storage deployments and the benefits of deploying the... All Endpoint Security White Papers | Webcasts