Introduction to common attacks and defense methods on vehicle digital keys
The vehicle digital key is an innovative technology born of the intelligent transformation of the automobile. Using communication technologies such as NFC, UWB and BLE (Bluetooth Low Energy), it turns NFC smart cards, smartphones, smart watches and other smart terminals into car keys, enabling keyless entry and start, key sharing and remote vehicle control, and giving people a more intelligent and convenient driving experience.
However, the digitalization of car keys also brings new security risks. Attackers use replay attacks, rolling code traversal and other techniques to break vehicle keys and unlock vehicles illegitimately, exposing car owners to greater personal and property risk.
1. Digital key types and risk points
1. Types of digital keys
Currently, there are five common types of vehicle digital keys:
Wireless remote key. The control system consists of a transmitter, a remote central locking control module, a driving authorization system control module, three receivers and the associated wiring harnesses. The remote control and transmitter are integrated in the car key, and the vehicle enters the locked or unlocked state according to the signal sent by the key. Almost everyone has used one: it has an unlock button, a lock button and a trunk release button.
NFC card key. Some new energy vehicles are now equipped with an NFC card key. It is very thin: tapping the card unlocks the vehicle, and placing it on the center console allows the vehicle to be started and driven.
Mobile phone Bluetooth key. After the phone's Bluetooth key is enabled in the car app, the phone replaces the remote key to unlock, lock and start the vehicle. Some new energy vehicles now ship with a phone Bluetooth key, for example the Zeekr app: once bound to the vehicle, the app can unlock and start it.
UWB+BLE key, a key development direction at the moment. From the birth of the remote key through the rise of the Bluetooth digital key, relay attacks have been an unavoidable topic. The UWB solution adds secure timestamp technology, which greatly improves its ability to resist relay attacks.
Biometric key, which identifies the user from biometric information, is a trendy application at the moment. Typically a camera mounted above the B-pillar unlocks the vehicle through facial recognition as the owner approaches.
2. Risks faced by the five major digital keys
Each digital key carries risks specific to the technology it uses. For example, wireless keys face replay attacks and rolling code traversal attacks. Some manufacturers have recognized that replay attacks have a large impact on vehicle digital keys and have upgraded to rolling code mechanisms.
NFC and BLE face relay attacks. The NFC cards used in vehicles today are CPU cards with a higher security level, but such cards still have no good defense against relay attacks.
Biometric keys face adversarial attacks, such as the common AI adversarial attacks. Using a specific adversarial algorithm, the owner's face and the attacker's face are blended, and the result is made into a mask, a forged biometric print or a carved replica to fool the biometric key's identification mechanism, leading to vehicle theft.
UWB+BLE keys currently have no known attack specific to them.
2. Introduction to common attack scenarios and techniques
Common attack scenarios and techniques will be introduced below.
1. Replay attack
A replay attack (also called a playback attack) is one in which the attacker resends a packet that the destination device has already received, in order to deceive the system. It is mainly used against the identity authentication process to undermine the correctness of the authentication.
For example, a car owner near the vehicle presses the unlock button on a wireless key without rolling code technology, sending an unlock signal to the vehicle. An attacker nearby can record this signal with a suitable listening device and, once the owner has left the vehicle, replay the unlock signal to open the vehicle. The hacker never needs to touch the car key; receiving the unlock signal from tens to a hundred meters away is enough. Replay attacks are cheap and very effective.
2. Relay attack
The "relay attack" is an attack method that is currently difficult to defend against. It refers to criminals exploiting the car's keyless entry system to trick the car into believing the wireless key is right next to it.
For example, the car owner is working in the office and the vehicle is parked in a basement several hundred meters away. There are two attackers, Hacker A and Hacker B. Hacker A stands next to the vehicle and Hacker B near the car owner. Hacker A uses a simulation device to issue an unlock request to the vehicle, obtains the authentication challenge and forwards it to Hacker B over 4G/5G. Hacker B, who also carries a simulated Bluetooth device, moves close to the owner and sends the challenge to the owner's phone. The real Bluetooth key mistakes it for an authentication request from the vehicle, processes it and returns a valid authentication response.
Hacker B then returns the response to Hacker A over the 4G/5G channel, and Hacker A forwards it to the vehicle, unlocking the vehicle remotely.
Throughout the process the owner and the vehicle are far apart, and the owner has no way to discover that the vehicle has been stolen. Hackers A and B do not need to know anything in advance about how the vehicle's messages are encrypted; they only need to relay the authentication challenge and return the authentication response to unlock the vehicle.
3. Face recognition: adversarial attacks
An adversarial sample is a perturbation pattern computed by an algorithm from the attacker's image and the target's image. The pattern causes the face recognition system to misjudge two people with different facial features as the same person.
There is an example on the Internet. A company's research added perturbation patterns derived from the car owner's photos to a pair of glasses of this shape. After putting on the glasses, the attacker could bypass some face recognition mechanisms on mobile phones. During testing the researchers verified about 20 phones; at that time, apart from the iPhone, basically all the Android phones could be bypassed by this method.
2D recognition is weaker than 3D. Because 3D captures depth information and the three-dimensional structure of the face, computes the overall facial features and then compares them, its accuracy is higher. Purely 2D recognition is very likely to be deceived by a photo, which opens the door to adversarial attacks.
4. Logic loopholes
Consider, for example, the logic flaw in Tesla's digital key. Each Tesla vehicle can be started within 130 seconds after being unlocked with an NFC card, and during this window the car also accepts a brand-new key, with no authentication required and no indication on the on-board display.
The researchers built their own app, called Teslakee, which speaks VCSec, the same language the official Tesla app uses to communicate with Tesla vehicles. Within 130 seconds after the car is unlocked with the NFC card, they added a new NFC card to the vehicle over Bluetooth using VCSec. When the vehicle is parked in the same place the next day, the attacker can use the newly added NFC card to unlock the vehicle while the owner is away, thereby stealing it.
The digital key in the smartphone app has functions such as sharing keys and adding keys to pair with new vehicles. Behind these complex functions lie many logic problems. For example, when a vehicle shares a key, it may not properly limit the validity period of the shared key, nor delete the key once sharing has ended. These are business logic security issues that OEMs need to consider proactively when building digital keys.
5. Physical attack
The attacks above are all remote wireless methods. Next I introduce attacks through physical means, taking the keyless start scenario as an example.
The car key has two signal transmitters, high-frequency and low-frequency. When the unlock button is pressed, the key unlocks the vehicle remotely via the high-frequency signal. When the owner enters the vehicle with the key, the vehicle communicates with it via the low-frequency signal to determine whether the key is inside the car and whether it is a legitimate key.
When the key is found to be legitimate, the receiver sends a verification-style instruction to the engine start ECU to start the vehicle. If this command is identical every time, a physical attack can inject the start command directly into the engine ECU using suitable equipment, bypassing key verification and starting the vehicle without a key.
Next, several digital key analysis tools are introduced for analyzing whether the working mechanisms of the various digital keys have security issues.
——Digital key analysis tools
Ubertooth/Ellisys Vanguard: Bluetooth communication analysis tools. Ubertooth can analyze Bluetooth Low Energy, follow advertising and frequency hopping, and capture the corresponding communication data. Ellisys Vanguard can track and analyze both Bluetooth Low Energy and classic Bluetooth communications.
Proxmark: NFC card analysis tool. It can communicate with NFC cards or with the vehicle. Using the NFC communication protocol, you can understand how the NFC card responds during verification, including the commands involved and the data sent. If the card has known historical vulnerabilities, the tool can also be used to crack it.
HackRF/USRP: 433 MHz communication analysis tools. They capture the raw signal; specific software then demodulates the captured data into digital information so you can observe and analyze what is sent during communication and whether encoding, encryption or other protective techniques are used.
DWM1001-DEV: UWB signal analysis tool. UWB signals can be captured and restored to digital information, then analyzed to check whether the UWB exchange with the vehicle follows the standards and specifications.
——To analyze wireless signals, you must first know what modulation and demodulation are.
Modulation uses baseband pulses to control a parameter of the carrier waveform, forming a signal suitable for transmission over the channel. Demodulation, at the receiving end, strips the carrier from the modulated signal and restores the original baseband digital signal. Three modulation modes are commonly used in radio frequency communications: PSK, ASK and FSK.
——When analyzing a digital key, how is the signal restored to binary data with professional hardware and software?
Capture the wireless signal with URH plus an SDR device, then demodulate it. After demodulation the signal is restored to binary data (or to hexadecimal, and so on), recovering the digital information sent during the communication. This is the entire process of converting a wireless signal into a digital signal.
To tamper with the recovered signal, first convert the analog signal into digital data, then modify the data and modulate it back into a wireless signal. Modulation combines the binary data with a specific carrier using a specific modulation mode, and the HackRF hardware then transmits it. In this way a received car key signal can be modified and then sent on to the car.
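The modulate/demodulate round trip described above, as an added example that is not part of the original article: a constructed bit frame is ASK (on-off) modulated onto a low audio-rate carrier, channel noise is added, and an envelope detector slices it back into bits and hex, the same view URH gives of a captured fob burst. The sample rate, carrier and symbol length are assumptions chosen so the demo runs in pure Python.

```python
import math
import random

SAMPLE_RATE = 48_000    # samples/s (constructed; a real capture runs at the SDR's rate)
CARRIER_HZ = 4_000      # demo carrier; a fob's RF carrier sits at 315/433 MHz
SYMBOL_SAMPLES = 48     # 1 kbit/s: each bit occupies 48 samples (4 full carrier cycles)

def ask_modulate(bits, amplitude=1.0):
    """ASK / on-off keying: carrier present for a 1 bit, silence for a 0 bit."""
    samples = []
    for i, bit in enumerate(bits):
        for k in range(SYMBOL_SAMPLES):
            n = i * SYMBOL_SAMPLES + k
            carrier = math.cos(2 * math.pi * CARRIER_HZ * n / SAMPLE_RATE)
            samples.append(amplitude * carrier if bit else 0.0)
    return samples

def add_noise(samples, sigma, seed=1):
    """Additive Gaussian channel noise with a fixed seed so the demo is reproducible."""
    rng = random.Random(seed)
    return [s + rng.gauss(0.0, sigma) for s in samples]

def ask_demodulate(samples, threshold=0.3):
    """Non-coherent envelope detector: mean |x| over each symbol period, then slice.
    Carrier-on mean is 2/pi ~ 0.64 of the amplitude; noise alone stays well below 0.3."""
    bits = []
    for start in range(0, len(samples) - SYMBOL_SAMPLES + 1, SYMBOL_SAMPLES):
        window = samples[start:start + SYMBOL_SAMPLES]
        envelope = sum(abs(s) for s in window) / SYMBOL_SAMPLES
        bits.append(1 if envelope > threshold else 0)
    return bits

def bits_to_hex(bits) -> str:
    """Group the recovered bit string into hex, as URH's hex view does."""
    width = (len(bits) + 3) // 4
    return format(int("".join(str(b) for b in bits), 2), f"0{width}x")

def round_trip(bits, sigma=0.1):
    """Modulate, add channel noise, demodulate; returns the recovered bits."""
    return ask_demodulate(add_noise(ask_modulate(bits), sigma))

if __name__ == "__main__":
    frame = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1]  # constructed sample frame
    recovered = round_trip(frame)
    print(recovered == frame, bits_to_hex(recovered))  # True b2f1
```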
Two common wireless signal analysis tools are introduced below: URH and GNU Radio. URH is a tool for analyzing proprietary wireless protocols. After connecting the hardware device to the computer and starting the software, it receives wireless signals and converts them into 0/1 sequences. It also has a modulation mode that modulates binary data and transmits it.
GNU Radio is a powerful open source software radio development toolkit that provides many signal processing modules. Used together with hardware such as HackRF, it can simulate the transmission of all kinds of wireless signals and is widely used to study channel frequencies and various types of communication.
3. Introduction to defense plan
1. Defense against replay attacks--Rolling Code
With a traditional unlock command, the passcode is the same no matter how many times the button is pressed, so the attacker only needs to capture one transmission to unlock the vehicle. Mainstream car manufacturers now use rolling code technology: each passcode is random, so the attacker cannot predict which unlock command should be sent next, the vehicle treats a replayed command as coming from an illegitimate key and does not open the door, and the replay attack is defeated.
Rolling code technology involves two important points. First, there must be a seed for computing the random numbers. Second, the key and the vehicle must share the same random number generation algorithm. Feeding the same seed into the same generator, the key and the vehicle obtain the same random number each time. Because outsiders do not know the seed, they do not know how the random numbers are generated and have no way to predict the next unlock command.
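The two points above, as an added example that is not part of the original article: a fixed-code receiver beside a rolling-code receiver that shares a seed with the fob, derives the same code sequence, and refuses a replayed packet. The seed value is constructed and HMAC-SHA256 stands in for the fob's real generator; the resync window is an assumption.

```python
import hmac
import hashlib

# Constructed shared secret (the "seed" in the text); a real fob gets it at manufacture.
SEED = bytes.fromhex("00112233445566778899aabbccddeeff")

def rolling_code(seed: bytes, counter: int) -> bytes:
    """Unlock code for a counter value: a 4-byte keyed derivation from the shared seed.
    HMAC-SHA256 stands in for whatever generator a real fob uses (assumption)."""
    return hmac.new(seed, counter.to_bytes(4, "big"), hashlib.sha256).digest()[:4]

class Fob:
    """Key fob side: every button press advances the counter and emits a fresh code."""
    def __init__(self, seed: bytes):
        self.seed, self.counter = seed, 0
    def press_unlock(self) -> bytes:
        self.counter += 1
        return rolling_code(self.seed, self.counter)

class FixedCodeCar:
    """Legacy receiver: one fixed code is valid forever, so a captured packet always works."""
    def __init__(self, code: bytes):
        self.code = code
    def receive(self, packet: bytes) -> bool:
        return hmac.compare_digest(packet, self.code)

class RollingCodeCar:
    """Receiver that accepts only codes ahead of the last accepted counter, within a window."""
    WINDOW = 16  # tolerates up to 16 presses made out of range of the car
    def __init__(self, seed: bytes):
        self.seed, self.last = seed, 0
    def receive(self, packet: bytes) -> bool:
        for counter in range(self.last + 1, self.last + 1 + self.WINDOW):
            if hmac.compare_digest(packet, rolling_code(self.seed, counter)):
                self.last = counter  # this code and every earlier one are now dead
                return True
        return False

def demo() -> tuple:
    """Returns (legacy replay accepted, rolling first press, rolling replay, rolling resync)."""
    legacy = FixedCodeCar(b"\xde\xad\xbe\xef")
    legacy_replay = legacy.receive(b"\xde\xad\xbe\xef") and legacy.receive(b"\xde\xad\xbe\xef")
    fob, car = Fob(SEED), RollingCodeCar(SEED)
    captured = fob.press_unlock()
    first = car.receive(captured)      # genuine press: accepted
    replay = car.receive(captured)     # same packet replayed later: rejected
    fob.press_unlock(); fob.press_unlock()    # two presses out of range, car never sees them
    resync = car.receive(fob.press_unlock())  # counter 4 is inside the window: accepted
    return legacy_replay, first, replay, resync

if __name__ == "__main__":
    print(demo())  # (True, True, False, True)
```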
2. Defense against relay attacks--UWB
Ultra-Wideband (UWB), based on the IEEE 802.15.4a/f/z standards, is a wireless communication technology that transmits data using nanosecond-level narrow pulses. Its advantages are shown in the figure below.
UWB technology can stop relay attacks. The UWB chip continuously measures the straight-line distance between the key and the car by time of flight (ToF) at the speed of light. If the key is not inside the car, the engine cannot be started, which is very effective against relay attacks.
3. BLE security mechanism—frequency hopping mechanism
BLE uses frequency hopping. Bluetooth has two kinds of channels, advertising channels and data channels. Advertising uses only three channels, 37, 38 and 39, while there are 37 data channels. During data communication the frequency hops rapidly among the 37 data channels, for example from 8 to 10 and then from 10 to 15, more than 1,000 times per minute.
For an attacker, ordinary devices therefore cannot capture the frequency-hopping data. An OEM can purchase professional Bluetooth equipment that monitors all 37 channels and reassembles the complete communication, and on that basis analyze the two-way communication data to see whether it is encrypted, and so on.
The BLE security mechanism has four security levels, as shown in the figure below.
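The hop mechanism described above, as an added example that is not part of the original article: the BLE 4.x Channel Selection Algorithm #1 computed over the 37 data channels, including remapping when a channel is masked out, plus the channel-to-frequency mapping and the hop rate at a given connection interval. The hop increment, channel map and interval used in the demo are assumed values.

```python
def used_data_channels(channel_map: int) -> list:
    """37-bit channel map sent at connection setup: bit i set means data channel i is used."""
    return [ch for ch in range(37) if (channel_map >> ch) & 1]

def hop_sequence(hop_increment: int, channel_map: int, count: int, start: int = 0) -> list:
    """Channel Selection Algorithm #1 (BLE 4.x): each connection event moves to
    (previous + hopIncrement) mod 37; if that channel is masked out it is remapped
    onto the ascending list of used channels. The central picks hopIncrement in 5..16."""
    if not 5 <= hop_increment <= 16:
        raise ValueError("hopIncrement must be in 5..16")
    used = used_data_channels(channel_map)
    sequence, unmapped = [], start
    for _ in range(count):
        unmapped = (unmapped + hop_increment) % 37
        if (channel_map >> unmapped) & 1:
            sequence.append(unmapped)
        else:
            sequence.append(used[unmapped % len(used)])
    return sequence

def data_channel_mhz(data_channel: int) -> int:
    """Centre frequency: data channels 0-10 occupy 2404-2424 MHz and 11-36 occupy
    2428-2478 MHz; the gaps at 2402, 2426 and 2480 MHz are advertising channels 37, 38, 39."""
    if not 0 <= data_channel <= 36:
        raise ValueError("data channel must be 0..36")
    return 2404 + 2 * data_channel if data_channel <= 10 else 2428 + 2 * (data_channel - 11)

def hops_per_minute(connection_interval_ms: float) -> int:
    """One hop per connection event; the interval ranges from 7.5 ms to 4 s."""
    return int(60_000 / connection_interval_ms)

ALL_CHANNELS = (1 << 37) - 1   # every data channel in use (assumed map for the demo)

if __name__ == "__main__":
    seq = hop_sequence(5, ALL_CHANNELS, 8)
    print(seq, [data_channel_mhz(c) for c in seq[:3]], hops_per_minute(7.5))
```

A sniffer that watches a single channel sees only the events that land on it, which is why the text says ordinary equipment cannot follow the connection.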
4. AUTOSAR SecOC – vehicle communication protocol security
The AUTOSAR concept Secure Onboard Communication (SecOC) checks the authenticity of individual transport protocol data units to detect attacks such as replay, spoofing and tampering.
SecOC provides an authenticity function: it appends a MAC to each data packet to verify integrity and includes a freshness counter. A replayed command carries a stale counter value, so its MAC no longer verifies and it is rejected. Therefore communication between key components, such as between the receiver, the start controller and the engine ECU, should be protected with SecOC so that a physical attack cannot bypass the digital key.
The digitalization of vehicle keys has brought people a more convenient and comfortable driving experience, but the security risks it brings cannot be ignored. OEMs, technology companies and government agencies are continually researching new defense methods and formulating security specifications to solve the security problems of digital keys. In the future, with everyone's joint efforts, I believe the security risks faced by vehicle digital keys will be resolved step by step, ensuring safe and smart travel for all.
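The freshness counter plus MAC check described above, as an added example that is not part of the original article: a sender secures a start command as payload || truncated freshness value || truncated MAC, and the receiving ECU rebuilds the full counter, verifies the MAC and drops replays and tampered frames. The key, data ID and payload are constructed, and HMAC-SHA256 is used as a stand-in for the AES-CMAC of real SecOC profiles.

```python
import hmac
import hashlib

# Constructed shared key; provisioned into both ECUs in a real deployment.
KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
FV_TRUNC_MASK = 0xFF     # 8 bits of the 32-bit freshness value travel on the bus
MAC_TRUNC_BYTES = 3      # 24-bit truncated MAC, as in common SecOC profiles

def secoc_mac(data_id: int, payload: bytes, freshness: int) -> bytes:
    """Authenticator over Data ID || payload || full freshness value, then truncated.
    Real profiles usually use AES-CMAC; HMAC-SHA256 is a stdlib stand-in (assumption)."""
    msg = data_id.to_bytes(2, "big") + payload + freshness.to_bytes(4, "big")
    return hmac.new(KEY, msg, hashlib.sha256).digest()[:MAC_TRUNC_BYTES]

class Sender:
    """Start controller side: secured PDU = payload || truncated FV || truncated MAC."""
    def __init__(self, data_id: int):
        self.data_id, self.fv = data_id, 0
    def secure(self, payload: bytes) -> bytes:
        self.fv += 1
        return payload + bytes([self.fv & FV_TRUNC_MASK]) + secoc_mac(self.data_id, payload, self.fv)

class Receiver:
    """Engine ECU side: rebuilds the full FV, checks the MAC, and only then advances."""
    def __init__(self, data_id: int):
        self.data_id, self.last_fv = data_id, 0
    def verify(self, pdu: bytes):
        payload, trunc_fv, tag = pdu[:-4], pdu[-4], pdu[-3:]
        # Upper bits come from our own counter; if the low byte did not move forward,
        # assume a wrap. A replayed or stale frame therefore lands on the wrong counter
        # and its MAC fails. More than 255 lost frames would need a resync (not shown).
        candidate = (self.last_fv & ~FV_TRUNC_MASK) | trunc_fv
        if candidate <= self.last_fv:
            candidate += FV_TRUNC_MASK + 1
        if not hmac.compare_digest(tag, secoc_mac(self.data_id, payload, candidate)):
            return None                      # tampered, forged or replayed: drop it
        self.last_fv = candidate
        return payload

def demo() -> tuple:
    """Returns (genuine accepted, replay rejected, tampered rejected, next frame accepted)."""
    tx, rx = Sender(0x0123), Receiver(0x0123)
    start_cmd = b"\x01START"                 # constructed start command payload
    frame = tx.secure(start_cmd)
    genuine = rx.verify(frame) == start_cmd
    replay = rx.verify(frame) is None
    forged = bytearray(frame); forged[0] ^= 0x01
    tampered = rx.verify(bytes(forged)) is None
    following = rx.verify(tx.secure(start_cmd)) == start_cmd
    return genuine, replay, tampered, following

if __name__ == "__main__":
    print(demo())  # (True, True, True, True)
```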
This article comes from "Vehicle Digital Key Security and Application - 2022 Smart Car Security Guardian Cloud Conference (Sixth Issue)"