A Remote Keyless Systems (RKS) is an electronic lock that controls access to a building or vehicle without using a traditional mechanical key. Although RKS have become more and more robust over time, in this paper we show that specifically designed attack strategies are still effective against them. In particular, we show how RKS can be exploited to efficiently hijack cars' locks. Our new attack strategy—inspired to a previously introduced strategy named jam-listen-replay—only requires a jammer and a signal logger. We prove the effectiveness of our attack against six different car models. The attack is successful in all of the tested cases, and for a wide range of system parameters. We further compare our solution against state of the art attacks, showing that the discovered vulnerabilities enhance over past attacks, and conclude that RKS solutions cannot be considered secure, calling for further research on the topic.
展开▼
