LASER: Lightweight And SEcure Remote keyless entry protocol (Extended version)
This addresses security issues in RKE systems for automotive users, offering a practical and lightweight solution that is incremental in improving existing protocols.
The paper tackles vulnerabilities in Remote Keyless Entry (RKE) systems, such as jamming-and-replay and relay attacks, by proposing a lightweight one-message protocol that ensures integrity and validity without complex cryptography, and includes a frequency-hopping approach to mitigate denial-of-service attacks, with a prototype implementation showing scalability, effectiveness, and robustness.
Since Remote Keyless Entry (RKE) systems started to be widely used, several vulnerabilities in their protocols have been found. Attacks such as jamming-and-replay attacks and relay attacks are still effective against most recent RKE systems, even when many secure schemes have been designed. Although they are interesting from a theoretical point of view, the complexity of these solutions is excessive to implement them into a fob. This paper presents a lightweight and general solution based on a one message protocol, which guarantees the integrity and validity of the authentication in RKE systems, protecting the communication against the well-known jamming-and-replay and relay attacks, without using complex cryptographic schemes. Moreover, we also adapt our protocol for passive RKE (PRKE) systems. Our solution also includes a novel frequency-hopping-based approach which mitigates deny-of-service attacks. Finally, a prototype has been implemented using non-expensive hardware. Obtained results assure scalability, effectiveness and robustness.