Security of remote car locking system against eavesdropping
Abstract
The vehicle industry is growing rapidly. To stay competitive in the market,
manufacturers use various technologies in vehicles. Today's users want more comfort
in addition to vehicle efficiency. With advances in technology, traditional
mechanical vehicle keys have been replaced by the Remote Keyless Entry System
(RKES) in order to improve the user's safety and convenience. In an RKES, the user
carries a key fob with buttons to operate the vehicle. The user presses a button on
the key fob to lock or unlock the vehicle. Although this replacement has brought
major improvements in the comfort, efficiency and safety of the user, it has also
introduced several new threats. Attackers have found new ways to attack the RKES.
The vehicle industry is suffering from illegitimate copying of software IP,
duplication of electronic components, and illegitimate tampering with digital data
stored in the Electronic Control Units (ECU) of the RKES. Existing authentication
protocols in RKES suffer from various attacks, such as the scan attack, replay
attack, forward prediction attack, dictionary attack and On-board Diagnostic (OBD)
port scan attack.
This work describes the potential threats against an RKES. It finds a
vulnerability in the lightweight encryption algorithm used in the authentication
protocol and shows how an attacker can use this vulnerability in his favour. We
propose a secure authentication protocol that encrypts indexes and the
authentication message using the proposed encryption algorithm. Vehicles can also
be unlocked with cloned key fobs. One of the strong reasons for vulnerability in
modern systems is the easy access to physical systems, which leads to inherent
cloning and replacement of the system. Modern security systems need a hard-to-clone
physical module integrated in the system units. The problem of vehicle key fob
cloning using OBD key programmers needs to be addressed. This work proposes the
Secret Unknown Cipher (SUC) concept to serve as a non-clonable security module for
RKES to solve the OBD port scan attack.