Bluetooth Low Energy Passive keyless entry (PKE) systems, which allow drivers to open car doors without having to fumble for their keys are becoming increasingly popular. However, new research has shown that these systems may be vulnerable to link-layer relay attacks.
A team of researchers from NCC Group detailed how they were able to successfully carry out such an attack against a Tesla Model 3. Even worse, the attack tool they developed can conduct a relay attack with an added latency that is within the range of the normal GATT response timing variation, making it difficult to detect that the attack is in progress.
So, how does the attack work? Is your PKE system safe? How does the Bluetooth LE proximity-based authentication fail? Let’s take a closer look.
How Does A Bluetooth LE Passive Keyless Entry Work?
To understand how the attack works, we need to first understand how a Bluetooth LE PKE system works.
A PKE system is a system that automatically unlocks and locks your car when you are near it with an authorized phone or key fob. The system is called “passive” because it does not require any user action. With this system, the driver can lock/unlock the car doors and start/stop the engine without needing to do anything manually, either with a key fob or a mechanical key.
The nitty-gritty of how a PKE system works is as follows:
A typical PKE system uses two devices: a registered mobile device that acts as a key and a vehicle-mounted receiver, both implementing the BLE proximity GATT profile. The BLE proximity profile, as defined in its official specification, describes what happens when a device moves away from a peer device or what happens when two devices come closer together.
In a PKE system, the vehicle acts as a proximity monitor and performs a periodic discovery scan for a mobile device. Upon detecting a known mobile device (i.e a mobile device whose MAC address is white-listed), the vehicle verifies that the RSSI value received from the mobile device is within an acceptable range. RSSI is a received signal strength indication and is a measure of the strength of the radio signal received by the receiver.
If the RSSI value is within an acceptable range, then it can be concluded that the user carrying the authorized mobile phone or key fob is in close proximity to the car and therefore, can be authenticated. Generally, BLE authentication is a challenge-response operation based on the security tokens shared when the two peer devices are initially paired.
Finally, after the completion of authentication, the vehicle maintains a connection with the mobile phone and monitors the RSSI value of the connection. Based on the RSSI value, the vehicle can infer if the user is nearby or not and therefore lock/unlock the vehicle doors and start/stop the car as required. In basic terms, the RSSI value is used to authenticate the presence of the user.
So far, everything sounds like it works well. But where does the BLE proximity-based authentication fail?
How does the BLE proximity-based authentication fail
A common problem with proximity authentication using BLE is that the RSSI value isn’t a very reliable way to determine if someone is close by.
The RSSI value and MAC address are values that come from a layer below layer 2 on the OSI model. This means that they can be measured regardless of the connection status. They are not protected by the authentication, confidentiality, and integrity guarantee that the link layer provides via pairing.
The MAC address and the RSSI value are therefore untrusted properties of a BLE connection, as we’ve discussed in our previous article on the topic. They are insecure and can be easily collected and forged by an attacker in a relay attack.
Understanding A Relay Attack
A relay attack is a well-known attack used to target communication systems. In a basic relay attack, messages are relayed from one location to another to make one entity appear closer to another. Normally, the attack does not need to interpret nor modify the message signal. It just introduces a delay.
In a BLE context, a relay attack can be performed by an attacker who uses one device that is in close proximity to both the victim (i.e the user) and another device close to the intended receiver (i.e the car). The attacker collects the MAC address of the victim’s mobile device and modifies the RSSI value to whatever is required to make it appear close to the car, and then relays these two values to the car.
If there is no link-layer encryption employed between the BLE connection of the victim and the car, then the attacker can also easily carry out a relay attack of GATT requests and responses.
When the car receives the modified RSSI values, it is tricked into thinking that the authorized user is in close proximity, even though they might be far away. This corresponds to a scenario where an authorized phone is in the owner’s pocket in the supermarket and the car is in the supermarket’s parking lot.
If successful, the attacker can gain access to the victim’s car without needing the victim’s key fob or phone.
Mitigating Relay Attacks On PKE Systems
The possibility of relay attacks against BLE proximity authentication is a problem that has been known for a long time, but researchers have discovered that the Bluetooth specification doesn’t have a secure way of verifying devices are near each other. As previously stated, RSSI is an insecure property that can be easily sniffed and modified by an attacker.
One approach to mitigate relay attacks is Elliptic Curve Diffie-Hellman (ECDH) key exchange during the initial pairing process. This protects the devices’ GATT characteristics from unauthorized reads and writes.
A second approach exploits the known flaw of relay attacks which is that they introduce latency in the communication. Here, developers impose strict GATT response time limits. If the time exceeds a certain threshold, this indicates that the devices might not be in close proximity and the connection should be aborted.
Other systems try to block signal amplification relay attacks through various localization techniques like triangulation. But most localization techniques require specialized hardware which is not always available.
Even though we have come up with some solutions, there is a new type of relay attack that can get around the existing protections.
The Dangerous Relay Attack That Can Unlock Your Tesla
The NCC Research Group has developed a new type of BLE attack that operates at the link layer and is therefore capable of relaying encrypted messages.
The NCC Research Group’s tool can forward link-layer responses within a single connection event, and introduces as little as 8 ms of round-trip latency beyond normal operation. However, since real BLE devices commonly require multiple connection events to respond to GATT requests or notifications and have inherent variability in their response timing, the latency introduced by this relay attack is well within the range of normal response timing variation for real BLE devices.
The relay attack shown in the video below can bypass latency bounding and encryption security measures that are in place to protect Tesla’s Model 3 vehicles from being unlocked and driven without the authorized mobile device or key fob being nearby.
Because normal response time or successful communication over an encrypted link layer cannot be used to tell if a relay attack is happening, conventional mitigations against relay attacks do not work against these link-layer relay attacks.
Science is all about problem-solving. It’s the process of finding out what is causing a problem and then figuring out how to fix it. It, therefore, is no surprise that the researchers who created a tool to launch relay attacks on BLE PKE systems have issued a few recommendations to reduce the opportunities for such attacks. They recommend:
- When the mobile device has been stationary for more than a minute, the passive entry functionality should be disabled in the mobile app.
- The mobile application should report the mobile device’s last known location during authentication with the vehicle.
- Developers should move towards Time-of-Flight as a proximity measurement over RSSI.
We hope that these findings will prompt car manufacturers to revisit the security of their PKE systems and find ways to better protect their customers against these types of attacks.