Anyone know how a car's keyless entry encryption works?

[aetherh4cker]

Quoted from Wikipedia:
"Modern systems implement encryption to prevent car thieves from intercepting and spoofing the signal."

I'm a little confused on why this couldn't be spoofed? If the *exact* signal the remote sends to the car is pulled from the air resent by someone else, why wouldn't that open the car? How would the car know the signal was sent by a fraud?

If the remote encrypts a message and sends it... and the car knows how to decrypt it; surely the car would know how to decrypt it again when it is sent by the fraud 20 minutes later.

I just don't understand.... can anyone help enlighten me?

 

[Nitestick]

perhaps they use a system where the remote contacts the car and the car makes some form of a request that must be responded to within the encrypted session. if that were the case then a hacker would require the decryption algorithm and key to be able to produce a valid response.

 

[aetherh4cker]

Hmm... that does sound fairly plausible, but it also sounds like it could be circumvented.

Thanks for helping broaden my horizons.

Does anyone else have any ideas / facts on this?

Edit: Another idea I had on this, sorta based on yours...

Perhaps the car could use public key cryptography (RSA). It would randomly regenerate a new key pair every time it is unlocked/locked. So when you push the button, it sends a request for the current public key to the car, the car transmits the public key, the keyless thing encrypts the 'special password' and sends it to the car. If after being decrypted, it is indeed the 'special password', the car will unlock and regenerate a new key pair.

RSA takes quite a bit of power to generate key pairs though... so maybe a more simple algorithm... since encryption strength wouldn't be as high of priority here.

What do you think?

 

[Nitestick]

well yeah i was only guessing based on a little i know about cryptography. my first thought like yours was RSA encryption but i came to the same conclusion you did at the end of your post. the computational power of a remote/in-car chip is prohibitive.

 

[Oreo]

Why do you wan't to know, are you a criminal in the making

But yes the car receiver and car transmitter could have the same internal algorithm based signaling with an altering frequency of transmission and receiving, it may switch by a few herz 100's of times each second, as would the receiver so the signal could only ever be the same from another car key at the same time as the receivers frequnecy for 1/100th of a second. This is how an xbox 360 controller works, so that no controllers ever conflict.

Just a guess, similar to nitesticks idea.