EXECUTIVE SUMMARY:

Automobile manufacturers introduced keyless entry in 1980s. Long gone are the days of rummaging through pockets and purses to gain access to one’s home or automobile. While car owners love the keyless experience, so do the thieves.

However, by today’s security standards, key fobs are insecure. A hacker can unlock and drive away with a car never having gained physical access to the key fob itself.

Researchers at the Cryptographic Hardware and Embedded Systems conference revealed that despite manufacturer efforts to patch flaws, fob encryption continues to be easily compromised. Using $600 worth of radio and computing equipment, the researchers demonstrated they could break key fob encryption and clone a car’s key fob in less than 2 seconds.

As IoT devices with digital controls and keyless entry systems gain additional marketshare, ensuring security and user authorization is more important than ever before. To protect against hacks that could give way to theft or privacy invasion, auto manufacturers must prevent encryption disruptions.

One technique in the works includes configuring the dashboard so that users can enter a pin number, proving that they are authorized to drive the vehicle.

To read more about how academic hackers cloned the key fobs of a luxury automobile company, please check out this Wired article.