Tesla is the epitome of innovation combined with unmatched features, including utmost comfort and tight security that provides a completely digitized driving experience. However, it seems that hackers are always a step ahead.
Researchers from KU Leuven University in Belgium were successful in hacking the key fob of the Tesla Model S with equipment worth $600.
As reported by Wired, the device based on simple computing logic and radio equipment was able to clone the key fob of the Tesla Model S within two seconds, allowing anyone to open the car’s door and flee away with it.
“Today it’s very easy for us to clone these key fobs in a matter of seconds. We can completely impersonate the key fob and open and drive the vehicle,” Said Lennert Wouters, one of the researchers demonstrating the flaw in the electric car.
Like the contemporarily used keyless entry systems, Tesla’s key fobs send an encrypted code that is sealed by a cryptographic key. This signal is received by the car’s radio to open the gate and start the car’s engine. The researchers found that the Tesla’s key fobs use a 4–bit cipher for encryption which is weak and susceptible to hacks.
By applying reverse engineering, researchers cloned the key fob and used a hardware kit that consists of a Yard Stick One Radio, a Proxmark radio, a Raspberry Pi minicomputer, some batteries and a database of all the possible digital entry keys.
To initiate the hack, researchers tapped the radio ID of the target car using the Proxmark radio. The signal is broadcasted by the car all the time which makes it easy to tap. Next, they took the radio within the three meters radius of the target’s key fob. The tapped signal is, then, used as a cue for the fob to send its digital code which should be received by the car, originally.
The next step involved running the received signals through a 6-Terabyte data of all the possible combinations. Once the hackers have access to both the keys, he can easily open the door and start the engine of the car without any trace.
You can check the video of the demonstration below.
When researchers exposed the flaw to Tesla, they were rewarded suitably; a software update has also been issued by the Elon Musk-owned company to prevent the hack. The new software update implements two-factor authentication and drivers need to add the PIN code on the dashboard display to start the engine.
Tesla Model S units manufactured and sold before June are vulnerable to such a hack as the electric car company ensured security by upgrading the encryption technique in the models manufactured after June.
Do you think our connected devices and cars are safe? Express your views in the comment section and keep reading at Fossbytes.com.