MADISON, Wis. — When you know that all a burglar needs to get inside your car is a brick heavy enough to smash the window, why debate which wireless technology is better suited for a keyless car entry system?
Sure, the comfort of locking and unlocking a car from a distance by push button is cool. But cooler, at least for car OEMs and insurance companies, is electronics in car keys integrated with a vehicle immobilizer.
Unlike a mechanical key, this kind of electronic key uses a wireless passive RFID interface to identify its car. The engine remains cold and unresponsive until the car (the engine control unit) and the key (the transponder) authenticate each other.
NXP Semiconductors, which makes chips for automotive keyless entry systems with immobilizer functions, has established a strong presence in the market.
“It may be just $2 [worth of] silicon, but electronics in the car key offers enormous value to you, when it prevents someone from getting inside your BMW and driving it away,” Lars Reger, vice president of strategy, new business, and R&D for the automotive business unit at NXP, recently told EE Times. “Secure access must not be compromised.”
In that context, Reger called the concern over the security provided by Bluetooth Low Energy (BLE or, in more politically correct terms, Bluetooth Smart) in cars “justified.”
What matters is secure access
Of course, BLE itself is just another wireless technology with a variety of uses. There's nothing wrong with it. Whether a driver gets to open a car with a smartphone (embedded with BLE) is probably a sideshow.
In Reger's view, what matters is whether BLE offers brick-solid “secure access” — not just to get into the car, but also to connect to the telematics system. Connected cars are coming soon and are increasingly deemed a part of the Internet of Things. Once secure access to a connected car is compromised, the complete automotive platform “can principally get hacked.”
Not surprisingly, NXP, a leader in Near Field Communication (NFC) proximity technology, is pitching NFC as a key to securing in-car connectivity.
Reger said a crypto-controller inside the NFC chip — also deployed in banking cards — can secure an air interface of various wireless technologies, including car-to-car, car access, or telematics access.
The NXP executive sees the biggest issue for the current version of BLE as “its security and pairing mechanism.”
BLE spec will get updated
Mike Ryan, security engineer at iSEC Partners, agrees with that. He has been publicly discussing BLE's “key exchange” as the weak link of BLE's security for a while.
In a recent email exchange with EE Times, Ryan sketched out the following scenario.
Given that the key exchange is compromised, an attacker can effectively impersonate either the BLE master (car) or slave (keyfob/phone) *if* they rely on BLE's built-in security and *if* the attacker is able to observe the user pairing with the phone. Such an attacker would be able to perform any action exposed via BLE.
As we reported earlier, members of the Bluetooth Special Interest Group (SIG) aren't blind to the issue.
To read more of this article or to leave a comment go to: “Touch' and 'activate' coming to a center stack.”