Why can't it be very simple and secure. Car and fob share a secret key. When you... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

		bufferoverflow 3 days ago \| parent \| context \| favorite \| on: Assignment 5: Cars and Key Fobs (2021) Why can't it be very simple and secure. Car and fob share a secret key. When you click on the open button on the fob, you send SHA256(key) Car responds with a random challenge RND Fob sends SHA256(key XOR RND) Car does the same calculation and compares.

kilburn 3 days ago [–]

There's no car identification in this protocol, meaning that impersonation/mitm attacks are trivial. Try again :)

bufferoverflow 2 days ago | [–]

I don't see it. Give an example of how this attack can be executed, a practical application.

I approach my car, I press the button on the fob to open it, and your attack does what exactly?

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact