[Colloq] MS in IA Thesis Presentation - Automobile Security: From Hand Cranks to Zero Knowledge - Victoria Bennett - 4/25, 3pm, 366 WVH

[Jessica Biron]

Automobile Security: From Hand Cranks to Zero Knowledge 

Victoria Bennett 

Thursday, April 25th 
3pm in WVH 366 

Abstract: 
Vehicles have changed a lot over the years. One aspect of a vehicle that has changed the most is the physical key. First, a hand crank was used to start a vehicle. Over time, the hand crank was replaced with a switch at the steering wheel. However, the vehicle was open for anyone to drive off in it. This prompted the introduction of ignition keys. This did not stop adversaries from cloning the key or hotwiring the vehicle. Now, we use immobilizers and keyfobs to start the vehicle and even lock or unlock the doors. These use RFID tags to communicate with RFID readers in the vehicle. Through an authentication protocol, the vehicle is convinced that the tag is the correct tag for the vehicle. However, this is not always the case. Adversaries have figured out how to clone not just the ignition key, but the tag. 

This thesis presents two commonly used devices: DST and KeeLoq. The authentication protocols for these were safe under security through obscurity, but now, the ciphers have been discovered and are not secure. We work to mitigate the problems first in a way using the same ciphers. Then, we present a new zero knowledge approach to authenticating the tag to the reader. This approach uses a commonly taught protocol in a new fashion. The goal is to find a more secure way to protect the immobilizers and keyfobs that will last for many years and keep adversaries out of our vehicles.