A team of researchers at COSIC, an imec research group at the University of Leuven, has uncovered serious security flaws in the Passive Keyless Entry and Start (PKES) system used by some luxury vehicles. The study shows that the key fob (the unlocking device) used by the Tesla Model S is using out-dated and inadequate cryptography. An adversary can abuse these flaws to clone a key fob in a matter of seconds, unlock the vehicle and drive off with it. Other manufacturers that may be affected include McLaren, Karma Automotive and Triumph Motorcycles as they are all using a PKES system developed by Pektron.
High-end vehicles are often equipped with a Passive Keyless Entry and Start (PKES) system. These PKES systems allow the vehicle to be unlocked and started based on the physical proximity of a paired key fob: no user interaction is required.
The researchers' goal was to evaluate the resistance of a modern day PKES system to different types of attacks. They completely reverse engineered the PKES system used in the Tesla Model S. Their research shows that this system uses the outdated DST40 cipher, in 2005 it was already clear that the key is too short to be secure.
Using DST40 today has grave security implications. COSIC researchers could recover the cryptographic key in a matter of seconds using advanced key search techniques. Once the cryptographic key was recovered they could impersonate the key fob. The research team only required a few seconds close to the key fob to create a perfect clone, allowing them to unlock and start the vehicle.
The research team succesfully hacked two Tesla Model S vehicles and reported the issue to Tesla on August 31, 2017 under a 'responsible disclosure' procedure. Tesla confirmed their findings and awarded them with a bounty of USD 10,000. They also contacted the other car manufacturers who use key fobs from Pektron, none of which have acknowledged the vulnerability.
This research results in a better understanding of automotive security and helps Tesla to address these security issues. Tesla Model S owners should consider using the security features that were recently added in software updates by Tesla. Specifically, they should disable 'passive entry' and enable the ‘pin to drive’ features.
While the research team cannot confirm that the vulnerability affects McLaren, Karma and Triumph cars without access to these vehicles, owners should consider placing their key fob in a metal container (a Faraday cage) to block radio signals. These short-term countermeasures should make it harder to successfully conduct an attack.
This release was first published 11 September 2018 by KU Leuven.