Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

A car won’t open or start if the signal from its key takes too long to arrive, so the researchers devised a way to speed communication between their antennas. Most relay attacks require the signals to be converted from analog to digital and back, which takes time. The researchers were able to keep the signals in analog format, which reduced their delay from microseconds to nanoseconds and made their attack more difficult to detect.

The researchers suggest things that car owners and manufacturers can do to protect themselves. Car owners can shield their keys when they’re not in use, to prevent attackers from communicating with them. Alternatively, manufacturers could add a button to fobs that would allow owners to deactivate and reactivate them. Capkun worries, however, that these types of solutions detract from the convenience that makes passive keyless entry systems worthwhile.

Ultimately, he says, manufacturers will need to add secure technology that allows the car to confirm that the key is in fact nearby. “I don’t see a way around it,” Capkun says. His group is actively working on protocols that would accomplish this.

David Wagner, a professor of computer science at the University of California at Berkeley who has studied the cryptographic systems used in keyless entry systems, says the research “should help car manufacturers improve auto security systems in the future.”

Wagner doesn’t think the research ought to make car owners anxious. “There are probably easier ways to steal cars,” he says. But, he adds, a “nasty aspect of high-tech car theft” is that “it doesn’t leave any sign of forced entry,” so if a thief did use this method to steal a car, he says, it might be hard for police and insurance companies to get sufficient evidence of what happened. Wagner believes that manufacturers, police, and insurance companies all need to prepare for this eventuality.

“Automobiles are a key example of a system that is pervasively computerized,” so they need to be thoroughly examined to ensure they are secure, says Tadayoshi Kohno, an assistant professor of computer science at the University of Washington. Kohno helped form the Center for Automotive Embedded Systems Security, which is dedicated to identifying and solving security problems with car security systems before they cause problems in the real world.

2 comments. Share your thoughts »

Credit: ETH Zurich

Tagged: Computing, security, wireless, automobiles, RFID

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me