Keyless entry systems, once considered the pinnacle of vehicle convenience, are now a major target for hackers and car thieves. In today’s episode, we’ll explore the vulnerabilities in Remote and Passive Keyless Entry (RKE/PKE) systems, focusing on how replay, relay, and roll jam attacks exploit their weaknesses.

We break down these attack methods, illustrating how hackers bypass rolling codes, exploit weak cryptographic implementations, and outsmart proximity-based systems. We’ll also discuss practical solutions, such as implementing high-entropy cryptographic functions, RSSI localization, motion sensors, and ensuring automotive security compliance.

If you’re curious about OEMs' cyber security advancements and how technology like OTA updates can mitigate vulnerabilities, this episode is a must-listen for understanding the future of car cybersecurity.

Chapters:

(00:00) Introduction to Keyless Entry Systems Security
(01:29) Remote Keyless Entry (RKE) Systems
(01:52) The Replay Attack on the Key Fob
(03:00) The Next Wave of RKE Attacks: The Roll Jam Attack
(04:58) Passive Keyless Entry (PKE) Systems
(05:42) The Relay Attack on the Key Fob
(06:32) Best practices for mitigating relay attacks
(06:36) Mitigation #1: Set upper bound on response time
(07:02) Mitigation #2: Use RSSI to estimate key fob location
(08:12) Mitigation #3: Integrating motion sensor
(08:38) Known Challenge Relay Attack on the Key Fob
(10:18) Secure implementation is the name of the game
(11:52) Outro on Remote/Passive Keyless Entry Systems

Contact us:
https://www.linkedin.com/company/plaxidityx/
https://www.youtube.com/@PlaxidityX
contact@plaxidityx.com