Okay, my name is Yuanjian, and my topic is security flaws in automotive immobilizers. We come from Unicorn Team, a radio and hardware security research lab in Qihoo 360 Technology. So he just introduced our team; we just want to say that we are one of the DEF CON 24 vendors. Next, I will introduce my colleague, Zeng Yingtao. He is also a security researcher on our team, and he has rich experience in automobile security and IoT security. So, my name is Yuanjian, and my research is all about wireless sensor networks, NFC, and so on.

So, today what we want to share is key fobs. We use the key fob to open the car door or close it. We will find some flaws in it, and then we will use these flaws to open a car. First, we want to find out what frequency it works on. First, we can open the key fob and find the crystal oscillator, and we found it printed on it. Or we look at the shell of the key fob, find the FCC ID, and search for it on the website, and then we will get more information about it. If we could not get the information this way, we could find another way. We have other tools, just like the USRP, the HackRF, and what I like is the RTL-SDR. It's very common, and the price is very cheap, and we use it. Its frequency range is from 24 MHz to 1.7 GHz, and we will find this red point. We will scan the frequency and find the red point, so we get the frequency, then we set the center frequency to it, and then we will get the signal in detail. So, we capture the signal four times, and when we analyze the wave we find that the modulation is ASK. First we will introduce the preamble. The preamble is used to tell the car that there is a signal coming, you have to be ready for the signal; then it's the sync header. The sync header is used to synchronize the timing.
Then the data: the hopping code is 32 bits, then the serial number, and then the 4-bit function code and the 2-bit status code. Then it has a guard time. The guard time should not be too short, because if it's too short, the car could not recognize the one signal. Actually, the hopping code is the result of the encryption that is employed by the car immobilizers. We will explain that later. The 28-bit serial number is unique to the key fob, and the 4-bit function code is used to tell the car what action to perform, like open the door, close the door, or open the trunk.

So we get this, we know the modulation is ASK, and so we should translate the wave to bits. First we know the long one is zero and the short one is one, and they send the signal from left to right, and we get the values zero, one, zero, one, one, one, one, zero. Then we get the MSB and the LSB, so we get the number zero, one, one, one, one, zero, one, zero. Then we get the value 0x7A. So we translate the wave to bits, and we get the data.

So we have collected several key fob chips, and we will introduce the HCS301 as an example. This is the format of the chip. Actually there are many, many wireless chips used in key fobs. These are the specific chips, and this table is actually telling us how the signal is transmitted; the format of the signal is like the previously mentioned product. There is a function code and a rolling code. Those formats are very similar, so we will take a specific chip as an example to analyze. So next we will introduce the data. First is the hopping code and the serial number. A serial number is unique to every key fob. Every key fob has its own. And then is the function code. The function code is to tell the car whether to open the door or close the door or other things. Then is the two-bit status code.
One bit of it is used to tell the driver if the key fob is in low power status, and another bit is used to tell the car if this signal is a repeated one. And then we will introduce the 32-bit hopping code. The data is 32 bits and it contains the 4-bit function code, the 2-bit OVR code, the 10-bit discrimination value and the 16-bit sync counter value. We have found it has two parts with the same function code, the outside one and the inside one in the hopping code, and which one is the real one? We tested many kinds of cars and we found that usually the car just uses the inside one. And then is the two-bit OVR code. We read the source code and finally we found out that the two-bit OVR code is never used. And then is the 10-bit discrimination value. It's the low 10 bits of the 28-bit serial number. So it's used to recognize if the signal is sent by the correct key fob. And then is the 16-bit sync counter value. It's used to judge if the signal is right. When the key fob sends a signal, it has its own sync counter value; the car will compare the sync counter value it holds to the key fob's. So it will judge if the value is right. Any questions? Okay.

Then they will do the KeeLoq. They use the 16-bit encryption key and the KeeLoq algorithm to produce the 32-bit hopping code. Okay. KeeLoq, how many of you have heard of this? Okay. Only one. KeeLoq is just a cryptography algorithm that is commonly used in immobilizers. And you can just feel that, yes, this is just like a cryptography algorithm. And the function code, like the rolling code, is the result of using KeeLoq to encrypt the function code and the 10-bit discrimination value, which is just the lower part of the serial number. And so I hope that everybody understands KeeLoq. Oh, okay. Then let me introduce KeeLoq shortly. First, it has two parts: the low part is the 16-bit encryption key. And then the data is 32 bits.
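The frame format just described (ASK pulse-width symbols, LSB-first packing, then hopping code / serial number / function code / status bits), as an added example that is not part of the talk: a small decoder in C for the 66-bit HCS301 data portion. The field order and the long-pulse-is-0 / short-pulse-is-1 convention are taken from the talk; the pulse widths in elementary periods, the field values, and the function and type names are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Fields of the 66-bit HCS301 data portion as described in the talk. */
typedef struct {
    uint32_t hop;         /* 32-bit encrypted hopping code        */
    uint32_t serial;      /* 28-bit serial number, sent in clear   */
    uint8_t  function;    /* 4-bit function code, sent in clear    */
    bool     battery_low; /* status bit: low battery               */
    bool     repeat;      /* status bit: repeated transmission     */
} keyfob_frame_t;

/* PWM symbols measured in elementary carrier-on periods (constructed values):
   a long pulse encodes 0, a short pulse encodes 1, as the talk describes. */
#define PULSE_ZERO 2
#define PULSE_ONE  1

/* Turn one high-pulse duration per symbol into a bit; reject anything else. */
static bool pwm_to_bits(const uint8_t *highs, size_t n, uint8_t *bits)
{
    for (size_t i = 0; i < n; i++) {
        if (highs[i] == PULSE_ZERO)     bits[i] = 0;
        else if (highs[i] == PULSE_ONE) bits[i] = 1;
        else return false;   /* glitch or wrong timing: not a valid symbol */
    }
    return true;
}

/* The fob sends each field least-significant bit first, so the first symbol
   received becomes bit 0 of the value. */
static uint64_t pack_lsb_first(const uint8_t *bits, size_t count)
{
    uint64_t v = 0;
    for (size_t i = 0; i < count; i++)
        v |= (uint64_t)(bits[i] & 1) << i;
    return v;
}

/* Eight symbols -> one byte, or -1 on a timing error. */
int pwm_decode_byte(const uint8_t highs[8])
{
    uint8_t bits[8];
    if (!pwm_to_bits(highs, 8, bits)) return -1;
    return (int)pack_lsb_first(bits, 8);
}

/* The talk's worked example: pulses 0 1 0 1 1 1 1 0 read left to right. */
int decode_talk_example(void)
{
    static const uint8_t talk_example[8] = { 2, 1, 2, 1, 1, 1, 1, 2 };
    return pwm_decode_byte(talk_example);   /* 0x7A */
}

/* Split the 66 decoded symbols into the frame fields. */
bool parse_keyfob_frame(const uint8_t highs[66], keyfob_frame_t *out)
{
    uint8_t bits[66];
    if (!pwm_to_bits(highs, 66, bits)) return false;
    out->hop         = (uint32_t)pack_lsb_first(bits, 32);
    out->serial      = (uint32_t)pack_lsb_first(bits + 32, 28);
    out->function    = (uint8_t)pack_lsb_first(bits + 60, 4);
    out->battery_low = bits[64] != 0;
    out->repeat      = bits[65] != 0;
    return true;
}

/* Constructed test-signal generator (not a fob): the inverse of the parser. */
void build_keyfob_pulses(const keyfob_frame_t *f, uint8_t highs[66])
{
    uint64_t low = (uint64_t)f->hop
                 | ((uint64_t)(f->serial & 0x0FFFFFFFu) << 32)
                 | ((uint64_t)(f->function & 0xFu) << 60);
    for (int i = 0; i < 64; i++)
        highs[i] = ((low >> i) & 1) ? PULSE_ONE : PULSE_ZERO;
    highs[64] = f->battery_low ? PULSE_ONE : PULSE_ZERO;
    highs[65] = f->repeat ? PULSE_ONE : PULSE_ZERO;
}

/* Round trip on constructed field values; returns 1 when every field survives. */
int keyfob_frame_selftest(void)
{
    const keyfob_frame_t in = { 0xDEADBEEFu, 0x0ABCDEFu, 0x2, false, true };
    uint8_t highs[66];
    keyfob_frame_t out;
    build_keyfob_pulses(&in, highs);
    if (!parse_keyfob_frame(highs, &out)) return 0;
    return out.hop == in.hop && out.serial == in.serial &&
           out.function == in.function && out.battery_low == in.battery_low &&
           out.repeat == in.repeat;
}

int main(void)
{
    printf("talk example byte: 0x%02X\n", decode_talk_example());
    printf("frame round trip: %s\n", keyfob_frame_selftest() ? "ok" : "FAILED");
    return 0;
}
```

The parser stops at the field split on purpose: the hopping code stays opaque here, because nothing in the frame itself tells the receiver whether it is valid; that decision needs the KeeLoq key and the counter check discussed next.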
First, we get 5 bits of it, from bit 1, bit 9, bit 20, bit 26, bit 31. And we do the NLF operation. And now we get one bit. And now we do the XOR with bit 0 and bit 16 and bit 0 from the encryption key. And now we get the encrypted bit. Now we will do this: the data will shift and the 64-bit key will circular shift. And we will do this 528 rounds. So finally we will get the encrypted 4-byte data. That's the rolling code. This is the decryption of KeeLoq. It's the inverse of the encryption. So it does not have a big difference. It just uses different bits.

So we will introduce the first flaw of some cars. The chip designer did it right, but not all the automobile manufacturers did. Some manufacturers did have some problems. And so if a car has the problem, we found how we could open the car. Then next, we will first record a continuous signal twice. That means we will get two continuous sync counter numbers. And then we will replay it. So the result is that we could open the car. So, okay, so we basically have told you that, I think, when a car has the vulnerability we found, we could open the car in this way. And so next we will introduce why, how the car authenticates the key fob and what's the vulnerability, where the vulnerability exists.

First, we should read some code. First, this is the key fob on my right. Then it sends data. And the data contains the 32-bit hopping code and the serial number, function code and status code. And then we use KeeLoq to decrypt it. And then we get the data unencrypted. So we have the 4-bit function code, the 2-bit OVR code, the discrimination value and the sync counter value. The sync counter value is the most important. Say the sync counter value is 0x7FF1, and the EHOP... EHOP means the sync counter value saved in the car. It has a value. So HOP minus EHOP, we get ETEMP. That means the value is negative 15. So it's smaller than 0. So it returns false. That's the chip designer's version.
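The KeeLoq round just described (taps 1, 9, 20, 26, 31 into the NLF, XOR with bits 0 and 16 and one key bit, 528 rounds, key rotated), as an added example that is not code from the talk or from any chip vendor: an implementation of the published algorithm in C, plus the receiver-side decrypt-and-check that recovers the function code, discrimination value and sync counter. The plaintext layout (counter in bits 0-15, discrimination in 16-25, OVR in 26-27, function code in 28-31) follows the talk's field description; the key, serial number and counter values are constructed for this example and are not real device values.

```c
#include <stdint.h>
#include <stdio.h>

/* KeeLoq non-linear function as a 32-entry truth table indexed by the five
   tap bits (b31 b26 b20 b9 b1). Public constant of the published algorithm. */
#define KEELOQ_NLF 0x3A5C742EUL
#define BIT(x, n) (((x) >> (n)) & 1u)

/* Build the 5-bit NLF index from five tap positions of the 32-bit state. */
static uint32_t nlf(uint32_t x, int a, int b, int c, int d, int e)
{
    uint32_t idx = BIT(x, a) | BIT(x, b) << 1 | BIT(x, c) << 2
                 | BIT(x, d) << 3 | BIT(x, e) << 4;
    return BIT(KEELOQ_NLF, idx);
}

/* Encryption as the talk describes it: taps 1,9,20,26,31 through the NLF,
   XOR with state bits 0 and 16 and one key bit, shift the state right and
   insert the new bit at the top; the 64-bit key rotates over 528 rounds. */
uint32_t keeloq_encrypt(uint32_t data, uint64_t key)
{
    uint32_t x = data;
    for (int r = 0; r < 528; r++) {
        uint32_t newbit = nlf(x, 1, 9, 20, 26, 31) ^ BIT(x, 0) ^ BIT(x, 16)
                        ^ (uint32_t)((key >> (r & 63)) & 1u);
        x = (x >> 1) | (newbit << 31);
    }
    return x;
}

/* Decryption is the inverse: same structure with the taps moved up by one
   position, the state shifted left, and the key bits consumed in reverse. */
uint32_t keeloq_decrypt(uint32_t data, uint64_t key)
{
    uint32_t x = data;
    for (int r = 0; r < 528; r++) {
        uint32_t newbit = nlf(x, 0, 8, 19, 25, 30) ^ BIT(x, 31) ^ BIT(x, 15)
                        ^ (uint32_t)((key >> ((15 - r) & 63)) & 1u);
        x = (x << 1) | newbit;
    }
    return x;
}

/* Plaintext behind the hopping code, per the talk: bits 0-15 sync counter,
   16-25 discrimination (low 10 bits of the serial number), 26-27 OVR,
   28-31 function code. */
uint32_t hop_plain(uint8_t function, uint8_t ovr, uint32_t serial, uint16_t counter)
{
    return (uint32_t)(function & 0xFu) << 28 | (uint32_t)(ovr & 0x3u) << 26
         | (serial & 0x3FFu) << 16 | counter;
}

uint16_t hop_counter(uint32_t plain)  { return (uint16_t)(plain & 0xFFFFu); }
uint8_t  hop_function(uint32_t plain) { return (uint8_t)(plain >> 28); }

/* Receiver side: decrypt a hopping code and confirm the discrimination bits
   match the serial number that arrived in clear. Returns the recovered
   counter, or -1 if the discrimination check fails. */
int32_t hop_check_and_counter(uint32_t hop, uint32_t serial, uint64_t key)
{
    uint32_t plain = keeloq_decrypt(hop, key);
    if (((plain >> 16) & 0x3FFu) != (serial & 0x3FFu)) return -1;
    return hop_counter(plain);
}

/* Round trip on constructed values; returns 1 on success. */
int keeloq_selftest(void)
{
    const uint64_t key = 0x0123456789ABCDEFULL;   /* constructed, not a real key */
    const uint32_t serial = 0x0ABCDEFu;            /* constructed serial number  */
    uint32_t plain = hop_plain(0x2, 0, serial, 0x7FF1);
    uint32_t hop = keeloq_encrypt(plain, key);
    if (keeloq_decrypt(hop, key) != plain) return 0;
    if (hop_check_and_counter(hop, serial, key) != 0x7FF1) return 0;
    /* a frame carrying a different serial number fails the discrimination check */
    if (hop_check_and_counter(hop, serial ^ 0x155u, key) != -1) return 0;
    return 1;
}

int main(void)
{
    printf("KeeLoq round trip and discrimination check: %s\n",
           keeloq_selftest() ? "ok" : "FAILED");
    return 0;
}
```

The discrimination check is the only integrity the receiver gets from KeeLoq itself: a decrypt under the wrong key, or of a frame from a different fob, yields garbage in bits 16-25 that fails the compare. Everything else, including replay resistance, rests on how the sync counter is handled afterwards.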
So if the value is signed, it's the same as what I just said, but what's different is if the value ETEMP is unsigned. Then it will get the value 0xFFF1, not what I told you, negative 15. So they will go to a function and request resync. So we read this source code. HOP is the data, the sync counter value from the key fob. And EHOP is the sync counter value saved in the car. So HOP minus EHOP, we get ETEMP. So ETEMP is smaller than 0. Just see that this is negative 15. So it's smaller than 0. So they will go to false. That's right. That's the right comparison. So next, if they define this value as an unsigned value, they will go to this: request resync, this function. Does anyone have questions right now? Because this is actually the vulnerability, where the vulnerability exists. So if you have a question you can ask right now. Okay. Okay.

Actually I think there's a misunderstanding; your confusion comes from here. Here. Actually the value that I was explaining from the top down. The 32-bit hopping code is the result of using the KeeLoq encryption algorithm to encrypt the content, the four-bit function code, the two-bit OVR code, the content. So actually there is a four-bit function code in plain text, sent in plain text. And there is an encrypted version of the four-bit function code. Actually we have done some experiments. We found out that the car ignores the four-bit function code that's not encrypted. They will only respond to the function code that is encrypted. But the question is, actually we were talking about how the car handles the decrypted result of this part, the unencrypted contents. So the car has the key, so it can decrypt the content. So we are talking about that. We are talking about the decrypted version of this content. Does that make sense? So the vulnerability, okay. And let me tell you how they use this sync counter.
Sync counter: actually, when you press the key fob, the key fob will send out the 32-bit hopping code, which is the encrypted version of the content, plus this part. When the car receives this signal, it will check, it'll compare with the sync counter that's stored in the car. The car also stores a sync counter. Synchronization counter, okay. When the synchronization counter stored in the car is larger than the synchronization counter received, okay, when it's larger, the car won't respond. When the sync counter is larger than the stored one in the car, there's a range. If it's larger by one to 16, one to 16, in this range, the car will instantly respond to the function code, open the door or close the door. Okay. If it's larger by more than 16, the car will enter a state called re-synchronization. Okay. So the car will store the current received sync counter, both the current received sync counter and the old counter that is stored. Okay. And then it will enter the re-synchronization state, in which the car will wait until it has received the second signal. And if the second signal contains a continuous sync counter value, which is larger than the formerly received sync counter by one, the car will respond to the function code and change the old one, the one stored in the car, to the last received sync counter. Does that make sense?

No, no, no, no. If the user presses the button and the car doesn't respond, you should continue, go on to press it again. So that would re-synchronize the sync counter, because when you put the key in your pocket, you may unintentionally press it multiple times and it goes off the 16 range. Okay. It's not the real replay. If it has this flaw... we are going to introduce the flaw yet. We will introduce the flaw next. Yeah. You know, this is the normal procedure. So if they defined this as an unsigned value... so this is normal. It is normal.
So when we send the smaller sync counter value, they should go to false and no response, no response. Then if the manufacturer defined ETEMP as an unsigned value, they will go to re-synchronize. So if they go to re-synchronize, they will set the F2 chance to two and they will wait for the next hop. The next hop is the hop plus one. So when they get the next signal, the signal value is one bigger than the other. Okay. I think I have just explained that when the car enters the re-synchronization procedure, it will wait for another signal, right? So if the other signal's sync counter value is greater than the previously received sync counter value by one, it will re-synchronize. Yeah. Then on the next signal, the program will go to HOP CHK and the F2 chance is two. And the next hop equals the hop. Then the result is they will return true, so the car will respond to the signal. So if the signal is to open the car, they will respond to the second one. So this is the second one. So if the second hop is 0x7FF2, they will go to the F2, the F2 chance is two and the next hop is the bigger, larger one. And then, as I said, the previous hop is 0x7FF1. So we changed the sync counter value. The sync counter value should be bigger than the previous one. But if the car has this flaw, we use two continuous signals to make it smaller than the previous one. So this is our guess. From the first picture, we know the code written by the chip designer. He designed the word as a signed int. So when they compare the two numbers, we get negative one. And in the next picture, we guess, we guess some automobile manufacturers define the word as unsigned. So we use two continuous signals to open a car. Does anybody have questions until now regarding the previous contents?
Actually, I think I have already explained the normal procedure where the car authenticates a key fob. The problem is here. Okay. Okay. So nothing here. The problem is the minus operation in the code. Okay. You see ETEMP and HOP; ETEMP is the value that you get by using the received sync counter minus the stored value. If ETEMP is defined as a signed integer, you will get both, you will get the negative value and the positive value. Does that make sense? Okay. But if it is designed as an unsigned integer, the minus operation would always produce a value that is larger than or equal to zero. Equal, equal to zero. Okay. So when they go on to, like, if ETEMP is less than zero, when they compare that, this won't ever be true. Won't be true. So they will skip the if branch and go directly to the else section of the code. So what if we could use, like, two continuous signals? Up till now we are not able to decrypt the contents, you know, but we recorded two continuous signals. So the sync counter value would be continuous. Like, okay. So when we replay that, the car will always go into the re-synchronization procedure. So every time I replay these two signals, the car would re-synchronize to the same counter value. Okay. So that's why we can, okay, use the signal to open the door continuously. Okay. Next, if we have more time, we will show you how to open the immobilizer. So this is the video of how to use this flaw to open a door. So, and another way to open a car. So they have three. We are about to start to explain the second vulnerability.
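The counter check the speakers have been walking through (HOP minus EHOP into ETEMP; reject when not ahead, accept when 1 to 16 ahead, otherwise wait for a second consecutive frame), as an added example that is not the ECU code shown in the talk: a constructed C model of the receiver with a switch for the signed and unsigned declarations of ETEMP, run against the talk's numbers (stored counter 0x8000, replayed frames 0x7FF1 and 0x7FF2). The decoder structure, the window size and the scenario values are assumptions taken from the talk's description; the model shows why the signed comparison is the correct one and what the unsigned declaration changes.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of the receiver-side counter check. Names follow the
   talk: HOP is the counter received, EHOP the one stored in the car,
   ETEMP their difference. */
typedef struct {
    uint16_t ehop;           /* last accepted sync counter              */
    uint16_t pending;        /* counter that opened a resync window     */
    bool     resync_wait;    /* waiting for the consecutive second frame */
    bool     unsigned_etemp; /* the flaw: ETEMP declared unsigned       */
} decoder_t;

enum { REJECT = 0, ACCEPT = 1, RESYNC_WAIT = 2 };

#define SINGLE_WINDOW 16     /* 1..16 ahead of EHOP: accept at once */

int decoder_check(decoder_t *d, uint16_t hop)
{
    /* Second half of a resync: the counter must be exactly pending + 1. */
    if (d->resync_wait) {
        d->resync_wait = false;
        if (hop == (uint16_t)(d->pending + 1)) {
            d->ehop = hop;                    /* car adopts the fob's counter */
            return ACCEPT;
        }
    }

    int32_t etemp;
    if (d->unsigned_etemp)
        etemp = (uint16_t)(hop - d->ehop);    /* 0x7FF1 - 0x8000 becomes 0xFFF1 */
    else
        etemp = (int16_t)(hop - d->ehop);     /* 0x7FF1 - 0x8000 is -15 */

    if (etemp <= 0)
        return REJECT;                        /* stale or replayed counter */
    if (etemp <= SINGLE_WINDOW) {
        d->ehop = hop;
        return ACCEPT;
    }
    /* Far ahead (fob pressed in a pocket): require a second, consecutive frame. */
    d->pending = hop;
    d->resync_wait = true;
    return RESYNC_WAIT;
}

/* Scenario from the talk: two consecutive frames recorded earlier (counters
   0x7FF1, 0x7FF2) arrive at a car whose stored counter is already 0x8000.
   Returns 1 if the second frame is accepted. */
int replay_two_old_frames(bool unsigned_etemp, uint16_t *final_ehop)
{
    decoder_t d = { 0x8000, 0, false, unsigned_etemp };
    decoder_check(&d, 0x7FF1);
    int second = decoder_check(&d, 0x7FF2);
    if (final_ehop) *final_ehop = d.ehop;
    return second == ACCEPT;
}

/* Stored counter after the scenario above: unchanged on the signed decoder,
   moved backwards to 0x7FF2 on the unsigned one. */
uint16_t stored_counter_after_replay(bool unsigned_etemp)
{
    uint16_t e;
    replay_two_old_frames(unsigned_etemp, &e);
    return e;
}

/* Legitimate use on the signed decoder: a fresh press at 0x8001 is accepted;
   a far-ahead pair 0x8030, 0x8031 resyncs. Returns 1 when both hold. */
int legitimate_presses_ok(void)
{
    decoder_t d = { 0x8000, 0, false, false };
    if (decoder_check(&d, 0x8001) != ACCEPT) return 0;
    if (decoder_check(&d, 0x8030) != RESYNC_WAIT) return 0;
    if (decoder_check(&d, 0x8031) != ACCEPT) return 0;
    return d.ehop == 0x8031;
}

int main(void)
{
    for (int u = 0; u < 2; u++) {
        int accepted = replay_two_old_frames(u != 0, 0);
        uint16_t e = stored_counter_after_replay(u != 0);
        printf("%s ETEMP: old frames accepted=%d, stored counter=0x%04X\n",
               u ? "unsigned" : "signed  ", accepted, e);
    }
    printf("legitimate presses on signed decoder: %s\n",
           legitimate_presses_ok() ? "ok" : "FAILED");
    return 0;
}
```

The defensive point is in the two casts: with a signed ETEMP a counter behind EHOP is negative and is refused, while the unsigned declaration turns the same subtraction into a large positive number that looks like a fob far ahead of the car, so the resync path runs and the stored counter is moved backwards. Any code review of a rolling-code receiver should check the declared type of the difference variable against the comparison that follows it.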
Does anybody have questions regarding the previous vulnerability? Let me type define. Okay. Now, it's about the simple encryption. They have three ways to get the encryption key. Now, if we use KeeLoq, the encryption key is very important. So how do they get the encryption key? They have three ways. The simple encryption is the most simple. They use the manufacturer's code just as the encryption key. So it's very direct. And if a car loses a manufacturer's code, it will have influence on a bunch of cars. Okay. The previous vulnerability exists in the code that authenticates the key fob. But this vulnerability exists in the key; it's more like a key management flaw in the car industry. So next, the standard encryption. They use the serial number to get the encryption key. First, they use 6 and the serial number and the KeeLoq algorithm and the manufacturer's code to decrypt. And they get the 32-bit MSB. And then, the same way, they get the LSB. Now they get the encryption key. It's the same problem as the simple encryption key. If we lost the manufacturer's code, what we did not know is the serial number. So we could just listen, just capture the signal once. We will find the signal, we will find the serial number. And now we can get the encryption key. Or if we did not capture any signal, we could try the serial numbers one by one. And finally, we will open the car. So the next, I think, is the most secure way, the secure encryption. The difference is it has a seed. The seed is unique to every key fob, and it's random. So if we get one key fob's seed, we could not use it to open other cars. So the MSB is encrypted in the same way, and the next, the seed, we use the seed to get the LSB of the encryption key. So if we get the manufacturer's code...
And if we capture the serial number but we did not know the seed, we could not open the car. Okay. Okay. Supposing you have lost your key fob. And you'll have the manufacturer, and you, as usual, all forgot the random seed, right? That's your question? Okay. The car manufacturer has their equipment to connect to the car and update the new one, okay. Understand? Okay. Okay. Actually, we are talking about the initialization of the encryption key, how the car manufacturer initializes the encryption key for the key fob. There are three types, three methods. One is the simple version, and the standard, and the secure encryption. Because the secure encryption got a seed. So even if you extract the seed from one vehicle, you cannot use that to open another vehicle. Okay. Okay. I think that the car manufacturer may have their specialized equipment. Then that's, I think, your question. You mean how the car manufacturer updates the seed, right? Okay. I don't know that actually. Because, if you can make that, if you have that tool, you could, like, program the keys yourself, or replace a key fob yourself. But the car manufacturer won't let you do that. So they may have, that's my assumption, they may have employed, like, hardware security authentication between the ECU that is in charge of this, that stores the seed, and the equipment. Okay. So that's another field of study. I think we are talking about problems here.

So we know the encryption key is a problem. So how do we get the encryption key, how do we get the manufacturer's code? We know the manufacturer's code was saved in two parts: one is in the key fob. It has the encryption key and has the manufacturer's code. And then the car has the manufacturer's code.
But if we want to decode the chip in the key fob, I think it's too hard. Then we found they may find a way to decode the car, decode the chip in the car. They send the chip to some microcontroller decoding company. Actually, we are talking about how to get the, you know, you remember the standard key generation method. Sorry, sorry, sorry. We have, like, three ways to generate the encryption key, right? The first one is, like, oh, sorry, using the simple equation where the encryption key is just the manufacturer's code. This code is, you know, the same over all other vehicles manufactured by the car manufacturer, right? And there is the standard encryption. In the standard encryption, if you have the serial number, you can, you know, generate the encryption key yourself and then use that encryption key to decode the hopping code. So we are now going to talk about how to get the manufacturer code and the serial number. Okay. So the manufacturer code, often you can get it this way. You can, you know, unsolder the flash chip from the vehicle, contained in the vehicle's ECU. And you'll read, dump the contents, and you'll find the manufacturer code in the flash chip. And once you find the manufacturer code, you can use, like, the same method to generate the encryption key and use the encryption key to decrypt the rolling code. After you decrypt the rolling code, you can do whatever you want. So without further explanation, I think everybody can understand the real consequences. Then how to use the manufacturer's code. If we know the serial number, how to get the serial number, we could just listen to capture the signal once. We just talked about the data, the format of the data. Remember the previous graph, that the signal is sent in plain text, right? Does everybody remember that? Okay. Okay. Okay. In plain text.
Oh, we will see this. Here is the plaintext. So we just listen to one. So we will get the serial number. Now we get the serial number. And what we don't know is the sync counter value. If the car is the number one, it has a signed value. So we will send the signal four times. The first is the sync counter value 0x0001. And we get ETEMP. It's smaller than zero. So they will return false. Then the next one is 0x0002. So they will return false too. It's in the invalid region. So next we try another number in a different region. You have two regions. One region, one half, is the invalid one. And the other half could be used to synchronize, or is just the right signal. So we try the next part. Next we try 0x8001. Now they will go to re-synchronize. And then we will send the next number, the next sync counter value. So it's 0x8002. They will return true. So if we send the function code to open the door, we could use this to open a car. So you understand. Okay.

So next, if we don't know the serial number, how to open a car. So we could try every serial number. Now we send this four times and try one serial number. And then we try another. Yeah. But the serial number is very, very long. So we could not try them all one by one. It would take a long time. So we have another method to reduce the time. If we know what kind of car this is and what time the car was produced, we know the range of the serial number. So that's it. We reduce the time. Yeah, you understand. So this is the unsigned one. It has no invalid region. They are all blue. So we need to try each serial number one time.
So first, if we capture the signal one time, now we try this two times. First, we send 0x0001. And then they go to the re-synchronize status. And then we send the next one, and they will open the door. So the same way, we use this to try the serial number. If we don't know the serial number, we will try it one by one. And then knowing the age, you know, what kind of car, reduces the time. Yeah. Oh, this is the video. We try the serial number. So it's not very weird. And you know, this light will be bright. It's shiny. But it's not very obvious. Sorry, it's very, very obvious. So if we have time, we'll do a demo. But first, actually, anyone has questions? Okay.

I think, actually, I would like to do an abstract of the talk. Okay. The first vulnerability exists in the implementation of the authentication protocol: the type definition, the unsigned integer versus the signed integer. Okay. This is the first vulnerability. The second vulnerability is the key management. Actually, the car manufacturers employed a weak key generation method in which you use the serial number and the manufacturer code. That's the second vulnerability. And we actually extracted many, many kinds of manufacturer codes and serial numbers from, like, the Naxmiss, your, the Tor and Naxmiss deals. So, like, with the second vulnerability, we can actually decrypt the hopping code. So we could change the content in it. So actually he was talking about that when you can decrypt that, you can change the synchronization counter to whatever you want. And so actually we can also disable the owner's key fob by changing the synchronization value.
So the owner actually literally has to press, like, almost 30,000 times, because it's, like, a 16-bit variable. So the user has to, like, press more than, like, 30,000 times in order to regain control. So we literally disabled their key fob. So any questions? Okay. Oh, demo.

We are going to demo on an aftermarket immobilizer, because we found the manufacturer code. So we could find the encryption key. Yeah. Using this device to transmit the signal. And the pair is the immobilizer. Okay. This is the original key fob. This is the original key fob. So we have, this theorem received a learning code, the serial number. And then it's a descriptive one. And it doesn't mean that, if the car is opened for a long time, it will close itself. So the next is the sync counter value. So we press to unlock it. Yeah. So the sync counter value adds one. You can see the value is increasing. Yeah. We will show that this is the first flaw. We will try a sync counter value smaller than the sync counter value stored in the car. This is the immobilizer. And then we will first get this part copied. Then is the serial number. I just write it. Yeah. We try the sync counter value. There's no response. So we will try the next sync counter value. Sorry. This is not the sync, maybe something you will not write. And then we will try the sync counter value. This one is for transmitting. This one, you can see there is an antenna here. This is to receive. And you can do this without, this is how you could, like, use the software-defined radio, and then you just have to use those also. Okay. So we will try the sync counter value stored in the car. Because when the user presses the key fob again, the second signal will be in your body there. So it's different. And in that system, only you can do it once. In the previous, or a bit later, people cannot do it.
And they can only do it once, so they cannot, like, change. Because we are going to send two signals, that's what happens when we have a greater than, growing up, greater than. Smaller. Smaller. Smaller. Bigger. Growing up. Okay. It works. A family. That's what I would say. Thank you. Thank you for waiting for the demo. So, any questions? Great. Thank you. Thank you everybody.