Automotive Security Research
Attacking Automotive Remote Keyless Entry Systems
Remote Keyless Entry (RKE) systems are ubiquitous in modern day automobiles, providing enhanced convenience for vehicle owners, occasionally at the cost of security. Most automobile companies have proprietary methods of implementing RKE systems, sometimes built on insecure algorithms and authentication mechanisms. This paper presents a comprehensive study conducted on the RKE systems of 7 different cars from 4 automobile manufacturers not previously explored.
We analyze the design, implementation and security levels of Honda, Maruti-Suzuki, Toyota, and Mahindra. We also do a deep dive into the RKE system of a particular Honda model. Additionally, the paper evaluates the susceptibility of these systems to known vulnerabilities, such as, Rolljam and Rollback attacks. This was done using a novel tool ‘Puck-py’ developed using open source software that helps analyze RKE protocols. The tool automates several aspects of the protocol analysis process, reducing time and logistical constraints in RKE research. The findings of this research and the protocol analyzer tool ‘Puck-py’ provides valuable insights into the automotive RKE security levels and thus will help in development of more robust and secure automotive RKE systems.