Car door hacking

SUMMARY

For this write-up I wanted to learn about the Remote Keyless Entry (RKE) technology used nowadays in the automotive industry. So I went to a scrapyard and salvaged a couple of German-made key fobs discarded for scrapping to test them against two well-known RF replay attacks: RollJam and RollBack. They are not really the latest models, but they are enough to practice with my HackRF One and learn how to bypass rolling code protections.

In the first part of the write-up we cover the basics of RKE and how rolling codes work. Then we look at the particularities of RollJam and RollBack and how to carry them out. Once everything is clear, we test whether our key fobs are vulnerable to these attacks.

KEYWORDS

RF hacking, HackRF One, ISM band, replay attack, RKE, key fob, car hacking, rolling code, RollJam, RollBack, Universal Radio hacker.

INTRODUCTION

Remote Keyless Entry (RKE)

RKE is an RFID-based technology widely used by automotive manufacturers for a variety of applications, most typically remote door lock/unlock. The system is composed of an RF transmitter built into a key fob, usually supplied along with a mechanical key, and a receiver implemented in the car. The digital signal structure largely depends on each manufacturer; it is normally composed of several tens to hundreds of bits, and is typically sent at several tens of kbps.

There is no specific global standard when it comes to the encoding algorithms used in RKE. In fact, whereas some aspects of the technology are heavily regulated (such as transmission frequencies), others are completely manufacturer-specific (such as the cryptographic algorithm or key management). Other features, such as the use of Manchester and Differential Manchester encoding or the use of ASK/FSK/PSK digital modulations, are not really standards, but are adopted by almost all manufacturers.
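
Since Manchester and Differential Manchester line coding show up in almost every key fob capture, here is an added example (not code from the write-up) of both encoders and decoders, so that the chip stream seen in a tool such as URH can be mapped back to data bits. The conventions are assumptions: IEEE 802.3 (0 becomes "10", 1 becomes "01") is the default, the G.E. Thomas convention is the opposite, and the Differential Manchester variant encodes a 0 as a transition at the start of the bit period.

```python
# Added example (not from the write-up): Manchester and Differential Manchester
# line coding as used by most RKE key fobs. Conventions are assumptions: IEEE
# 802.3 (0 -> "10", 1 -> "01") is the default, G.E. Thomas is the opposite, and
# the Differential Manchester variant below encodes a 0 as a transition at the
# start of the bit period. Chips are strings of '0'/'1' so they can be compared
# with the demodulated bit stream a tool such as URH shows.

_MANCHESTER = {
    "ieee": {"0": "10", "1": "01"},
    "thomas": {"0": "01", "1": "10"},
}


def manchester_encode(bits: str, convention: str = "ieee") -> str:
    """Turn each data bit into a two-chip symbol with a mid-bit transition."""
    table = _MANCHESTER[convention]
    return "".join(table[b] for b in bits)


def manchester_decode(chips: str, convention: str = "ieee") -> str:
    """Inverse of manchester_encode. Rejects '00' / '11', which are not valid
    symbols: in a real capture they indicate a wrong clock, wrong convention
    or a sampling offset of one chip."""
    if len(chips) % 2:
        raise ValueError("odd number of chips: clock alignment lost")
    inverse = {v: k for k, v in _MANCHESTER[convention].items()}
    bits = []
    for i in range(0, len(chips), 2):
        pair = chips[i:i + 2]
        if pair not in inverse:
            raise ValueError(f"invalid symbol {pair!r} at chip {i}")
        bits.append(inverse[pair])
    return "".join(bits)


def _flip(level: str) -> str:
    return "1" if level == "0" else "0"


def diff_manchester_encode(bits: str, start_level: str = "0") -> str:
    """Differential Manchester: every bit has a mid-bit transition; a 0 adds a
    transition at the start of the bit, a 1 does not (assumed convention).
    Only transitions carry data, so the decoder does not care about polarity."""
    level = start_level
    out = []
    for b in bits:
        if b == "0":
            level = _flip(level)      # transition at bit boundary encodes 0
        out.append(level)
        level = _flip(level)          # mandatory mid-bit transition (clock)
        out.append(level)
    return "".join(out)


def diff_manchester_decode(chips: str, start_level: str = "0") -> str:
    """Inverse of diff_manchester_encode; start_level is the line level before
    the first bit (the idle level)."""
    if len(chips) % 2:
        raise ValueError("odd number of chips: clock alignment lost")
    prev = start_level
    bits = []
    for i in range(0, len(chips), 2):
        first, second = chips[i], chips[i + 1]
        if first == second:
            raise ValueError(f"missing mid-bit transition at chip {i}")
        bits.append("0" if first != prev else "1")
        prev = second
    return "".join(bits)


def is_dc_balanced(chips: str) -> bool:
    """Both codes put a transition in every bit, so a valid stream has as many
    '1' chips as '0' chips; an ASK receiver relies on this to keep its slicer
    threshold and clock recovery stable."""
    return 2 * chips.count("1") == len(chips)


if __name__ == "__main__":
    payload = "1011000101"                      # constructed sample data bits
    chips = manchester_encode(payload)
    print(chips, manchester_decode(chips), is_dc_balanced(chips))
    dchips = diff_manchester_encode(payload)
    print(dchips, diff_manchester_decode(dchips))
```

The decoders deliberately fail loudly on "00"/"11" pairs or a missing mid-bit transition: when a captured burst does not decode, that error usually means the sampling clock or the chosen convention is wrong rather than that the data is corrupt.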

ISM bands

The RKE operation frequency is regulated and depends on how radio spectrum is allocated in each country/region. The ISM (Industrial, Scientific, Medical) bands are parts of the radio spectrum reserved for civil and commercial uses, including remote door controls and RKE.

  • Europe. The EU433 band is primarily used (433.05–434.79 MHz), and it is very common to find devices working at the band's center frequency 433.92 MHz. Also, the 868 MHz band is available in European countries with the exception of Russia, where it is limited to 868.7–869.2 MHz.

  • USA. RKE systems work in the 315 MHz band since the 420–450 MHz band is reserved for other uses.

  • Japan. Has traditionally used 315 MHz; however, new regulations now also allow the 433.795–434.045 MHz band to align with global trends.

Security

When you press the button on your key fob, a digital signal is sent at the standardized frequency to the receiver in the car. The signal structure depends on each manufacturer, but typically it is composed of a preamble, a code for authentication purposes, and a command code that indicates which action is being requested (lock, unlock, etc.). Once the signal message is received and processed, it is sent to the vehicle's ECU (Electronic Control Unit) for decoding and authentication. If successful, the requested action is performed.

Since anyone with an SDR could intercept the signal and replay it, in modern vehicles rolling codes are used for authentication. The authentication code changes each time the button is pushed (i.e. it "rolls"), and each rolling code is valid for one use only.

Basically, each rolling code is a 40-bit code generated by a pseudo-random number generator (PRNG) shared between the key fob and the receiver in the vehicle. When you push the button, the current rolling code is sent, processed and discarded. Then, the PRNG is used to generate a new one. The receiver only opens the door if it receives the code it expects.

Since the code is 40 bits long, there are about one trillion (2^40) possible codes, and after all of them are used up the system does not work anymore. You have to get a new key fob and probably reprogram the ECU to make sure both devices are synchronized again and loaded with a new pseudo-random generator seed.

Key takeaways.

  • Rolling codes are discarded after use, therefore, in theory it should be impossible to open a door by capturing and replaying the same code.

  • Both the transmitter and the receiver must be synchronized, since they use the same PRNG. However, a re-synchronization method must be provided in case the button is accidentally pushed on the key fob while it is far away from the vehicle, because in that case the transmitter and receiver would lose synchronization. In many cases this is solved on the receiver side by accepting not only a single code but a limited number of the next possible valid codes in the pseudo-random sequence. Note that if there is a significant number of button pushes and the key fob gets outside the list of valid codes accepted by the receiver, it may become permanently de-synchronized. How the re-synchronization method is implemented is up to the manufacturer, and in some cases it is done in a vulnerable way.

RKE technology summarizing table.

Feature                  Similarities across manufacturers          Is vendor-specific?
-----------------------  -----------------------------------------  ----------------------
Frequency                Regulated (315/433.92 MHz)                 No
Modulation               ASK (globally) / FSK (mostly in Japan)     No
Security                 Rolling code                               Implementation differs
Cryptographic algorithm  No                                         Yes
Encoding scheme          Typically Manchester                       Implementation differs
Key/Code management      No                                         Yes

Replay attacks

RollJam and RollBack are two attacks based on capturing and replaying key fob signals. The main difference between them is that RollJam focuses on capturing unused rolling codes (i.e. codes that have been sent but not received and processed by the vehicle), whereas RollBack is based on the capture and replay of consecutive used (sent and processed) rolling codes, and is aimed at exploiting vulnerabilities in the re-synchronization process.

RollJam was presented by Samy Kamkar in 2015. It combines jamming and capturing unused rolling codes to be replayed afterwards.

In summary, the attack works as follows.

  • Place a jammer near the car. When the user presses the button, the signal is jammed and the rolling code is captured.

  • Wait until the victim presses the button again and jam that transmission too; now we have two rolling codes. We replay the first one, so the doors are unlocked and the victim drives away, and we keep the second one for future use.

Key takeaways regarding RollJam:

  • We need a certain amount of equipment (jammer, etc.) and have to hide it in a suitable place in the vicinity of the car.

  • If the user pushes the button after we have made the capture, the new code invalidates our captured code.

RollBack was presented by Levente Csikor and Hoon Wei Lim in 2022. It is a replay attack aimed at vulnerable re-synchronization mechanisms. The researchers discovered that, in certain models, if you capture 2 or more consecutive rolling codes and resend them, the re-synchronization mechanism resets its counter to those already-used codes. This is time-agnostic, since you can use it as many times as you want, and code-agnostic, since you can reuse either lock or unlock signals.

According to researchers, RollBack offers several advantages:

  • Jamming is optional as long as the captured rolling codes are consecutive. For example, jamming can be used to trick the user into pressing the key fob button twice; however, once the signals are captured and saved, jamming is not necessary anymore.

  • The attack is time-agnostic, meaning once signals are captured they can be used at any time, so there is no need to follow the victim to capture more signals. Additionally, RollBack is code-agnostic, since we can use lock and unlock signals interchangeably to open the car's door.
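
To make the rolling-code window from the "Key takeaways" section and the re-synchronization flaw just described concrete, here is an added example (not code from the write-up or from any vendor) that simulates a key fob and two receivers: one whose counter only ever moves forward, and one that re-synchronizes to any two consecutive codes even when they lie behind the counter, which is the behaviour RollBack relies on. The 40-bit code is modelled as a keyed hash of a counter as a stand-in for the vendor-specific PRNG, the window sizes are illustrative, and the key is a constructed value; all of these are assumptions.

```python
# Added example (not from the write-up): a model of a rolling-code receiver
# with a normal acceptance window and a two-consecutive-code re-sync, used to
# compare a hardened re-sync with the vulnerable behaviour RollBack targets.
# Assumptions: the 40-bit code is a keyed hash of a counter (a stand-in for the
# vendor-specific PRNG), the window sizes are illustrative, and the shared key
# is a constructed value.
import hashlib
import hmac

WINDOW = 16            # codes ahead of the expected counter accepted directly
RESYNC_WINDOW = 1024   # extended window: two consecutive codes needed to re-sync


def rolling_code(key: bytes, counter: int) -> int:
    """Model of the shared PRNG: HMAC-SHA256 of the counter, truncated to 40 bits."""
    digest = hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest[:5], "big")


class KeyFob:
    def __init__(self, key: bytes):
        self.key = key
        self.counter = 0

    def press(self) -> int:
        """Emit the current code and advance; the code is never sent again."""
        code = rolling_code(self.key, self.counter)
        self.counter += 1
        return code


class Receiver:
    """rewind_allowed=False: counter only ever moves forward (hardened).
    rewind_allowed=True: two consecutive codes re-sync the counter even when they
    lie behind it, which is the re-sync flaw RollBack exploits."""

    def __init__(self, key: bytes, rewind_allowed: bool = False):
        self.key = key
        self.counter = 0          # next counter value we expect
        self.pending = None       # counter of a first out-of-window candidate
        self.rewind_allowed = rewind_allowed

    def _find_counter(self, code: int):
        lo = self.counter - RESYNC_WINDOW if self.rewind_allowed else self.counter
        for c in range(max(lo, 0), self.counter + RESYNC_WINDOW):
            if rolling_code(self.key, c) == code:
                return c
        return None

    def receive(self, code: int) -> bool:
        c = self._find_counter(code)
        if c is None:                      # unknown or already-used code
            self.pending = None
            return False
        if self.counter <= c < self.counter + WINDOW:
            self.counter = c + 1           # normal case: accept and move on
            self.pending = None
            return True
        if self.pending is not None and c == self.pending + 1:
            self.counter = c + 1           # second consecutive code: re-sync
            self.pending = None
            return True
        self.pending = c                   # first candidate: wait for the next one
        return False


def simulate(rewind_allowed: bool) -> dict:
    """Run the same sequence of events against a receiver and report which
    receptions unlock the door."""
    key = b"constructed-demo-key"
    fob, car = KeyFob(key), Receiver(key, rewind_allowed)
    results = {}
    a, b = fob.press(), fob.press()        # two presses in range: used codes
    car.receive(a)
    car.receive(b)
    for _ in range(5):                     # accidental presses out of range
        fob.press()
    results["after_out_of_range"] = car.receive(fob.press())   # inside WINDOW
    results["rollback_first"] = car.receive(a)     # replay of used code a
    results["rollback_second"] = car.receive(b)    # replay of consecutive b
    results["single_replay"] = car.receive(b)      # a lone used code
    for _ in range(50):                    # far beyond WINDOW, inside RESYNC_WINDOW
        fob.press()
    results["resync_first"] = car.receive(fob.press())
    results["resync_second"] = car.receive(fob.press())
    return results


if __name__ == "__main__":
    print("hardened  :", simulate(rewind_allowed=False))
    print("vulnerable:", simulate(rewind_allowed=True))
```

Both receivers handle the legitimate cases identically: a few accidental presses stay inside the normal window, and a long run of presses is recovered by the two-code re-sync. The only difference is whether the search for a matching counter is allowed to look behind the current value; in the hardened receiver used codes are simply never found, so a replayed pair is rejected, while the rewinding receiver accepts it and moves its counter back, after which the same pair keeps working indefinitely.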

Figure: RollJam (left) vs RollBack (right).

KEY FOB ENUMERATION

Let's move to the hands-on part. For the test I took a couple of old key fobs discarded for scrapping made by German automotive vendors.

The first thing we need to know is the working frequency. For this we can do a bit of enumeration on the devices and investigate the hardware P/N.

For the Audi key fob, the manufacturer is HELLA GmbH and the OEM P/N is 5FA 009 272-11 (DE 8P0 837 220 D is probably the retail P/N). The manufacturer kindly indicates the working frequency (434 MHz).

Regarding the Mercedes key fob, things are a bit more hidden: we need to open the case to get the details and the working frequency.

Finding the center frequency

Hardware enumeration provides a rough idea about the operating frequencies, but we need to get as much information about the signal as we can.

This can be done with the HackRF One in two ways: one is with the device connected to a laptop in HackRF mode and using a Windows program such as Universal Radio Hacker; the other is with the device in portable mode (i.e. coupled with the PortaPack add-on) and using the Mayhem software applications.

In the first case, connect the HackRF One to a Windows laptop in HackRF mode. In Universal Radio Hacker menu, navigate to Edit → Options → Device to make sure the HackRF is enabled. Then navigate to File → Spectrum Analyzer and select the HackRF as the capture device. Enter the frequency 433.92 MHz and press the unlock button in the Mercedes key fob. We notice the signal is in fact composed of two energy spikes at 433.90 MHz and 433.93 MHz approximately.

Click on the signal spike to tune the frequency and navigate to File → Record Signal to have a look at the captured bits.

Now repeat the test for the Audi key fob. In this case the signal is composed of just a single energy spike at the center frequency.

And a single burst of bits.

In case you do not have a laptop at hand, you can fine-tune the detected frequency with the HackRF One working in portable mode and the Mayhem software.

In the Mayhem menu navigate to Receive → Search to get access to the scanner application. Here, enter a range of frequencies to scan and a minimum trigger level. Press the key fob button and the scanner indicates the center frequency of the detected signal. If nothing is detected, try lowering the trigger level or adjusting the range of frequencies.

For example, for the Audi key fob the tool detects the spike at 434.412 MHz, which is consistent with the results provided by URH.

BYPASSING ROLLING CODES WITH ROLLJAM

As indicated before, a RollJam attack basically consists of tricking the victim into pushing the unlock button twice. Both transmissions are jammed by the attacker, but one of them is replayed so the unsuspecting victim can drive away with the car, whereas the other is kept for future use.

Let's try a RollJam attack on the Mercedes key fob. We need to capture an unused rolling code message, so take the HackRF One far enough from the car (so the transmission is not picked up by the receiver) and capture an unlock signal. This way we simulate that the signal has been jammed and captured by an attacker.

To do this, use the HackRF One in portable mode. Navigate to the Capture application, then set the operating frequency to 433.92 MHz and a bandwidth of 100 kHz so that both energy spikes are captured. Then start the capture and press the key fob button; both energy bursts appear on the waterfall.

Now move near the car again and replay the signal, the door is unlocked.

Same process works for the Audi key fob. Move away from the car receiver coverage and capture a rolling code (remember to modify the center frequency). As expected, only one energy burst appears on the waterfall.

Now move close to the car and replay the capture, the door is unlocked.

Note that the captured code can be used only one time. Once it is captured and processed by the receiver, it does not work anymore.

TRYING ROLLBACK ATTACKS

As said, in a RollBack attack we capture 2 or more consecutive rolling codes for later reuse. It does not matter whether the codes have already been used: if the manufacturer has implemented a vulnerable re-synchronization mechanism, they will still be valid even though they have been processed before.

Normally, jamming can be used to trick the victim into pushing the button several times, but this is optional; it is perfectly valid to capture the signals by any other available means. Once the necessary signals are captured there is no need to use jamming again. Unlike RollJam, in RollBack we are capturing used rolling codes (i.e. codes that have already been received and processed by the car).

To simulate a RollBack attack we capture several consecutive unlock signals. There is no need to move away from the car, since we need the signals to be processed by the receiver.

However, if we try to replay the sequence with the Mercedes key fob, the attack fails.

And also it fails with the Audi key fob.

So we can conclude that both re-synchronization systems are robust enough and immune to RollBack attacks.

WRAPPING UP

We have learned the basics of the RKE technologies used in the automotive industry. We have also tried two types of replay attacks designed to bypass rolling code security.

RollJam requires specific jamming equipment and certain conditions to be met. Once a code is captured, if the user pushes the button again, the captured code does not work anymore and another one needs to be captured. Also, the captured code only works once. However, if all requirements are met, it works 100% of the time, since RollJam is not actually an attack aimed at exploiting a vulnerability, but a method to capture unused valid codes.

RollBack is an attack aimed at exploiting vulnerabilities in the vehicle re-synchronization systems. It has fewer requirements than RollJam, and jamming is optional as long as we capture 2 or more consecutive codes. Another advantage over RollJam is that once codes are captured we can keep them forever, since the attack is time-agnostic and code-agnostic. However, it does not work in 100% of cases: it depends on how the vendor has implemented the re-sync mechanism and, as we have seen, in some cases systems are not vulnerable.

Feature                  RollJam                                              RollBack
-----------------------  ---------------------------------------------------  -------------------------------------------------------------------
Goal                     Capture unused rolling codes                         Capture used consecutive rolling codes
Vulnerability exploited  None                                                 Exploits a vulnerability in the car's re-sync system
Re-usability             A new code needs to be captured each time            Time-agnostic. Only one capture is needed, then codes can be reused.
Effectiveness            100% if all requirements are met                     Depends on the vendor
Equipment needed         Jammer, signal capture device, signal replay device  Signal capture device, signal replay device. Jamming is optional.

REFERENCES

https://www.analog.com/en/resources/technical-articles/requirements-of-remote-keyless-entry-systems.html

https://phys.libretexts.org/Courses/Kettering_University/Electricity_and_Magnetism_with_Applications_to_Amateur_Radio_and_Wireless_Technology/23%3A_Signal_Modulation/23.06%3A_Digital_Modulation

https://eprint.iacr.org/2024/1816.pdf

https://spectrum-instrumentation.com/applications/application_notes/AN_Characterization_of_Remote_Keyless_Entry_device.php

https://auto.howstuffworks.com/remote-entry2.htm

https://web.stanford.edu/class/ee26n/Assignments/Assignment5.html

https://techcrunch.com/2022/07/12/honda-key-fob-flaw-hackers/

https://samy.pl/defcon2015/

https://www.youtube.com/watch?v=zihLJbmDG3Q

https://i.blackhat.com/USA-22/Thursday/US-22-Csikor-Rollback-A-New-Time-Agnostic-Replay-wp.pdf

https://github.com/jopohl/urh
