The first WeChat public account Network Research Institute, pay attention to get more.
While there are several different approaches to implementing a digital key for cars, a secure digital key standard should leverage near-field communication (NFC) and ultra-wideband (UWB) combined with Bluetooth Low Energy (BLE) to access the vehicle, start the engine, Secure the vehicle, or authorize various other operations.
Owners can also use their mobile devices to share the digital key with friends or family, with the option to restrict shared keys.
A car is one of the most expensive purchases in a person's life, so while the benefits of a digital key are great from a convenience and user experience standpoint, the risks can also be great.
To ensure consumer acceptance and support long-term adoption, we must first ensure that digital key technology is secure and effective against the threat of attack.
RF Relay Attack Mitigation
A relay attack is a method that relies on intercepting messages between two parties, in this case a vehicle and a mobile device, and then relaying the messages to another device within close range of the vehicle to enable access.
According to an analysis published by UK Tracker in February 2023, such attacks remain one of the biggest threats to vehicle security:
Keyless car theft and "relay attacks" continue to pose challenges for manufacturers, as the latest data from Tracker confirms.
The number of vehicle thefts committed through this method has increased significantly over the years.
In 2017, 80% of all stolen and recovered vehicles were stolen without the owner key, and by 2022 this percentage will reach 93%.
To reduce the occurrence of relay attacks, UWB with BLE performs secure ranging through time-of-flight (ToF) measurements.
Given the lack of manipulation of many of the messages used for ToF measurements, the true distance of the device to the vehicle is much greater than the relay attack attempts to convey.
Due to its very limited transmission range, NFC is inherently less vulnerable to relay attacks. Attackers need to be within a few centimeters of vehicles and devices to successfully relay messages.
While these properties help defend against relay attacks, a large part of digital key technology's broader security enhancements is due to the presence of secure elements.
The value of the secure element of the digital key
A Secure Element is a microprocessor chip (embedded technology) that provides a tamper-proof, secure implementation.
All security critical processing, authentication, encryption, key generation for owner pairing, key derivation for "secure ranging", key sharing, vehicle access and engine start transactions, digital key storage, all in one secure within the component.
The secure element's capabilities help prevent hardware and software-based attacks, including tampering, storage intrusion, cloning, and unauthorized access.
Some digital key architectures require NFC and UWB to interface directly with the secure element and digital key framework, separating them from mobile devices and applications, adding the necessary level of protection.
These architectures also assume the following standard interfaces:
-
Vehicle-Device: Vehicle-to-Device is a wireless interface that facilitates direct communication between vehicles and mobile devices. It provides a mutually authenticated secure communication channel that protects user privacy by only exposing the identity of the mobile device to trusted vehicles after authentication.
-
Vehicle OEM Server - Device OEM Server: Vehicle OEM Server to Device OEM Server is a secure, trusted interface between Device OEM Server and Vehicle OEM Server, working with the help of a Certification Authority. It supports interoperability by abstracting the details of managing mobile devices and vehicles. The interface between them provides a standardized way to manage digital keys and provide customer service.
With the right measures, digital key technology is secure
As more automotive OEMs adopt digital key solutions, this raises questions about the security of vehicles and mobile devices using the technology.
The number of relay attacks is increasing year by year, and the secure digital key specification should address these attacks through distance binding for NFC and secure distance measurement for UWB.
These considerations alone are not enough to prevent other types of keyless attacks, and why extra steps are taken to secure transactions through the use of secure elements.
In addition, there must be mutual authentication between the server and the secure channel for certificate exchange and commands between vehicles and devices to ensure a secure connection at every step in the process.
The combination of all these elements helps answer the question "Are digital keys secure?"