I saw the following video this evening. It shows a pair of car thieves spoofing the car-key conversation to unlock and steal the car. I thought it would make an interesting design problem to talk about. Although I mostly design software systems, I get involved with hardware while solving some process issues.
https://www.youtube.com/watch?v=S66TOcpVD50
From the video, it appears that the thieves are using a man-in-the-middle attack on the conversation between the car and the key. The box near the car looks like the key and the box near the house looks like the car. To the real key and real car, the boxes seem like their real counterparts.
Often convenience (e.g. not needing to pull your key out of your pocket to get in and start the car) is gained at the expense of security.
Here are some ideas that would make this MitM attack harder:
1. Make the key invisible to the box outside the house. This could be done by placing it in a container that is impervious to RFID(?). Or have another object next to the key storage that scrambles the RFID signal – there are similar devices (Armourcard) to put in your wallet to keep your credit cards from being scanned. I assume that the key works with RFID, but it may be a similar protocol.
2. Make the key smarter by adding sensors. The key could be silent unless it is above 85 degrees (in a pocket) or unless it has moved in the last 10 seconds. Either of these sensor additions would prevent this MitM attack. I don’t know if the current keys have batteries – the addition of sensors might require it.
3. Add another layer of security in the car. High-level biometric-controlled locations often need 3 things to gain access: (1) something you have, (2) something you know, and (3) something you are. For example, a badge (1), a password (2) and a handprint (3). In the current car system, the only requirement is (1) something you have – the key. The car could be modified to require a password or a thumbprint (like your cell phone). Since most higher-end cars already have touch screens, it would not be hard to add either requirement.
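As an added illustration of idea 2 (not code from any real key fob), here is a sketch in C of the gate that would sit in front of the key's radio: it answers a challenge only when the temperature is above 85 degrees or the key moved within the last 10 seconds. The `fob_*` names, the millisecond tick counter, and the sensor callbacks are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Thresholds from idea 2; the sensor is assumed to report the same unit. */
#define TEMP_THRESHOLD_DEG 85
#define MOTION_WINDOW_MS   10000u

typedef struct {
    uint32_t last_motion_ms; /* tick of the last accelerometer event */
    bool     motion_seen;    /* false until an event arrives, or once expired */
    int16_t  temp_deg;       /* latest temperature reading */
} fob_state_t;

void fob_on_motion(fob_state_t *s, uint32_t now_ms) {
    s->last_motion_ms = now_ms;
    s->motion_seen = true;
}

void fob_on_temp(fob_state_t *s, int16_t deg) { s->temp_deg = deg; }

/* Unsigned subtraction gives the right age across 32-bit tick wraparound. */
static bool moved_recently(const fob_state_t *s, uint32_t now_ms) {
    return s->motion_seen &&
           (uint32_t)(now_ms - s->last_motion_ms) <= MOTION_WINDOW_MS;
}

/* Periodic housekeeping: expire old motion so that, after the tick counter
 * wraps (about 49.7 days), a stale timestamp cannot look recent again. */
void fob_tick(fob_state_t *s, uint32_t now_ms) {
    if (!moved_recently(s, now_ms)) s->motion_seen = false;
}

/* Gate in front of the radio: answer a challenge only when warm or moved. */
bool fob_should_answer(const fob_state_t *s, uint32_t now_ms) {
    return s->temp_deg > TEMP_THRESHOLD_DEG || moved_recently(s, now_ms);
}

int main(void) {
    fob_state_t fob = {0};
    fob_on_temp(&fob, 68);            /* constructed: key on a hallway table */
    fob_on_motion(&fob, 1000);        /* set down at t = 1 s */
    printf("t=5s   answer=%d\n", fob_should_answer(&fob, 5000));
    fob_tick(&fob, 60000);
    printf("t=60s  answer=%d\n", fob_should_answer(&fob, 60000));
    fob_on_temp(&fob, 92);            /* constructed: key back in a pocket */
    printf("pocket answer=%d\n", fob_should_answer(&fob, 61000));
    return 0;
}
```

The gate only silences a key that is cool and at rest; a key in a pocket still answers, so it narrows the relay window rather than replacing the other two ideas.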
Any other suggestions?