Tesla: Hackers find the key to vulnerability

[nir]

2 seconds, $600 and 1 weak encryption code allowed researchers in Belgium to copy Tesla Model S key

 

Hackers managed to copy a Tesla Model S key in two seconds with just $600 of equipment, researchers have said.

 

Using a cheap Raspberry Pi minicomputer, a team of researchers at KU Leuven, a university in Belgium, said they repeated the attack on several different Model S vehicles to confirm the hack was legit. It notified Tesla and the key fob supplier of the weakness in August 2017 and earned a $10,000 bounty from Tesla for finding it.

 

Key fob hacks like this can be a problem for every automaker, with hackers having readily accessible information on smartphones and easy access to wireless connections nearly everywhere. Hackers can figure out what signals to send to a vehicle to make it think it's being opened and started with an authorized key fob. The technique is called a "relay attack."

 

The problem for Tesla was tied to a weak encryption code, which had been identified as being hackable in 2005, the researchers said.

 

"What was surprising was that the chip supports a stronger algorithm, but this was not used," said Bart Preneel, a professor at KU Leuven and one of the researchers. "The system had additional design flaws that allows us to recover the key in less than two seconds."

 

Well, it wasn't quite two seconds. It took nine months of reverse-engineering work before the researchers discovered in summer 2017 that the Model S' remote keyless entry system, manufactured by Pektron, and the immobilzer used the weak cipher, called DST40. The researchers said that, according to the Federal Communications Commission equipment authorization database, Pektron also designed keyless-entry solutions for manufacturers such as McLaren, Karma and Triumph. McLaren and Karma responded to the researchers' findings, but neither acknowledged the vulnerability. Preneel said Pektron and Triumph never responded.

 

The National Insurance Crime Bureau says car theft is at "levels not seen since 1967," but for now, the rates have very little to do with car hacks. "Thousands of vehicles continue to be stolen each year because owners leave their keys or fobs in the vehicles, and that invites theft," the group said in a report released in September.

 

Source