Keyless Go — The Connected but Confused Car
It’s a hot topic, modern cars are frequently being stolen by having their Keyless Go systems tricked as reported in this WIRED article. When the owner is at sleep or enjoying a coffee at a café, the car is stolen.
The car thinks that the owner is right next to it and unlocks the doors, but he or she could really be far away. The car is tricked, confused.
It is played out by the thieves having two different radio devices, one next to the car and the other one close to the key. These two devices can theoretically be on the different side of the globe, but usually up to a few hundred meters apart. What now happens is that the key signal is being relayed between these two devices — and the car has no way of telling that it is being tricked.
This is called a “relay attack” and the simplicity is surprising. Why has this not always been an issue? In essence it has, but these type of devices have been expensive and difficult to master. Nowadays though, this is a perfect example of how hardware is getting cheaper and the Internet of Things is opening up vast resources of information and software that can be applied.
Of course we cannot blame the advancement of technology. The same technology used in Keyless Go thefts are being used in various other fields for great use.
How can this be solved?
The best advice for today’s owners is to keep their key in the fridge, or really have this feature disabled and return to pressing buttons each time. The problem is, people truly enjoy the comfort of not having to fiddle with keys each time the car is used.
A natural suggestion might be to increase the level of encryption in the key. This is not helpful though as the relay attack entirely bypasses the encryption that is being used. The thieves never get to hack the key signal — they cannot replicate it later on, it’s only good for the one time they have physical presence between their relay device and the car owner’s key. Another approach is needed.
There’s a fundamental problem with the current Keyless Go systems. They are are entirely closed.
Cars with awareness by embracing openness
Designed to be secure and protective, once a successful method of attacking the system exists, it’s very difficult to patch existing cars. A key would definitively need to be exchanged. It’s the typical downside of closed systems, secure as long as no vulnerability has been exploited, but afterwards simple to attack on each device. Cryptography lived through a similar era during the time when the encryption algorithms were secret (closed), which worked very well until the algorithm got reverse engineered — suddenly all security was lost. Nowadays all secure systems use fully open algorithms that have been standardised, instead it relies on secret keys that are individual to each device. No mass hacking is possible.
Instead of considering a patch to the current Keyless Go system, let’s think about a car and a key that are open to applications. They can interact with phones, smarthomes and other smart devices. The key would have an application that allows you to pair it with your computer. With this knowledge, the key would start to question suspicious behaviour. If the car owner is sitting next to his or her computer, how could the car request a signal to open itself?
Similarly the car would question the intention if its owner always wears a health tracker when approaching the car, but this time there’s nothing but the key signal present.
Another application could take use of the key or device sensors. If no movement is detected, how could the owner walk up to the car? PayPal became a break-through online payment system by mastering fraud detection. Similar intelligence is possible on very low powered devices nowadays, allowing advanced software to be put into keys, wearables and other smart devices.
If anomalies are detected, a double check can be made with the owner if there really was an intention to enter the car. In most cases the convenience would still be there, but in some cases the owner is asked for an additional confirmation. As the key is open to interact with trusted devices, the confirmation could be done through a smartphone — or something that the owner is wearing, a watch. The relay attacks are helpless when manual feedback is required by the car owner.
Applications in the car or on the key are always updatable — taking new threats into account. Keyless Go is a piece of software that could be transferred into a personal smart device such as the phone.
Ironically, an open system would beat the closed system in long-term security.
That’s neat, when will this happen?
Adopting an open system has many benefits beyond Keyless Go, but this is perhaps the single most critical point at this time. Moving to a new generation of controlled openness in the automotive industry will take time, but the pressure is there. The same people who opt-in for Keyless Go and other comfort features are often early adopters also with other types of smart devices and applications.
The time is right for a new generation of software and digital automobility that can be made smarter every day.
