TY - GEN
T1 - Key is in the Air
T2 - International Workshop on Interplay of Security, Safety and System/Software Architecture, CSITS 2018, and International Workshop on Cyber Security for Intelligent Transportation Systems, ISSA 2018 held in conjunction with 23rd European Symposium on Research in Computer Security, ESORICS 2018
AU - Ibrahim, Omar Adel
AU - Hussain, Ahmed Mohamed
AU - Oligeri, Gabriele
AU - Di Pietro, Roberto
N1 - Publisher Copyright:
© 2019, Springer Nature Switzerland AG.
PY - 2019
Y1 - 2019
N2 - A Remote Keyless Systems (RKS) is an electronic lock that controls access to a building or vehicle without using a traditional mechanical key. Although RKS have become more and more robust over time, in this paper we show that specifically designed attack strategies are still effective against them. In particular, we show how RKS can be exploited to efficiently hijack cars’ locks. Our new attack strategy—inspired to a previously introduced strategy named jam-listen-replay—only requires a jammer and a signal logger. We prove the effectiveness of our attack against six different car models. The attack is successful in all of the tested cases, and for a wide range of system parameters. We further compare our solution against state of the art attacks, showing that the discovered vulnerabilities enhance over past attacks, and conclude that RKS solutions cannot be considered secure, calling for further research on the topic.
AB - A Remote Keyless Systems (RKS) is an electronic lock that controls access to a building or vehicle without using a traditional mechanical key. Although RKS have become more and more robust over time, in this paper we show that specifically designed attack strategies are still effective against them. In particular, we show how RKS can be exploited to efficiently hijack cars’ locks. Our new attack strategy—inspired to a previously introduced strategy named jam-listen-replay—only requires a jammer and a signal logger. We prove the effectiveness of our attack against six different car models. The attack is successful in all of the tested cases, and for a wide range of system parameters. We further compare our solution against state of the art attacks, showing that the discovered vulnerabilities enhance over past attacks, and conclude that RKS solutions cannot be considered secure, calling for further research on the topic.
UR - http://www.scopus.com/inward/record.url?scp=85064856966&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-16874-2_9
DO - 10.1007/978-3-030-16874-2_9
M3 - Conference contribution
AN - SCOPUS:85064856966
SN - 9783030168735
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 125
EP - 132
BT - Security and Safety Interplay of Intelligent Software Systems - ESORICS 2018 International Workshops, ISSA 2018 and CSITS 2018, Revised Selected Papers
A2 - Shabtai, Asaf
A2 - Elovici, Yuval
A2 - Hamid, Brahim
A2 - Gallina, Barbara
A2 - Garcia-Alfaro, Joaquin
PB - Springer Verlag
Y2 - 6 September 2018 through 7 September 2018
ER -