Unknown to most car owners, passive key entry systems carry this new kind of vulnerability that causes major headaches to insurance companies and authorities. The so-called relay attacks have been around since 2011, but the problem has been growing exponentially and gaining increased attention. Several automobile clubs have begun alerting the population, such as the German automobile club (ADAC). To prevent such attacks, Thomas Engel and his team have begun working on a solution that works with a smart device, like a phone or a smart watch. They analyse the time the signal needs to travel from the key to the car, and assess if it occurs within a certain distance (distance bounding protocol). When the signal exceeds a specific time, the system recognises the tampering attempt and automatically locks the car. “A big challenge will be the amount of interference on the 2.4 GhZ band because nearly all wireless devices use this frequency nowadays,” states Florian Adamsky. “Since the distance bounding protocol is very time-critical, it will also prove difficult to implement that protocol on a normal smart device.”
Other car manufacturers, like GM for instance, have also tackled this vulnerability. But so far, no one has yet created a secure and smart key entry system that does not require an internet connection or the push of a button.
The team applied to the call “Honda Initiative Grant Europe Program” in late 2016. The 30.000 euro grant was formally awarded to them in the spring of 2017, and will cover research activities for one year—after which both parties can agree to extend their partnership. SnT researchers Thomas Engel and Florian Adamsky are part of the SECAN-Lab (secan-lab.uni.lu), which addresses both fundamental and applied research activities in computer networking and security.