{"id":23309,"date":"2023-10-18T17:59:39","date_gmt":"2023-10-18T15:59:39","guid":{"rendered":"https:\/\/autoklastr.cz\/cs\/?p=23309"},"modified":"2023-10-18T17:59:39","modified_gmt":"2023-10-18T15:59:39","slug":"jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech","status":"publish","type":"post","link":"https:\/\/autoklastr.cz\/en\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/","title":{"rendered":"How to mitigate flaws in keyless entry systems"},"content":{"rendered":"<p style=\"text-align: justify;\"><strong>Keyless entry and ignition systems began to appear in production around the turn of the 1990s and 2000 and were initially available only on luxury models and other higher-class vehicles. Since then, remote\/passive keyless entry and start (RKE\/PKE) features have become increasingly common across the industry and are now standard equipment on the vast majority of vehicles sold.<\/strong><\/p>\n<p style=\"text-align: justify;\">The popularity and convenience of keyless entry are undeniable. Like many other technological conveniences, however, RKE\/PKE systems are vulnerable to attacks by hackers, in this case car thieves. 
Given this potential for cyber theft of cars, vehicle manufacturers (OEMs) and automotive security experts are working to find ways to mitigate the threat.<\/p>\n<h3 style=\"text-align: justify;\">RKE systems<\/h3>\n<p style=\"text-align: justify;\">RKE means entering the vehicle without using a physical key (e.g. by means of a door keypad or a key fob). The first RKE key fob used a coded pulse signal generator and a battery-powered infrared emitter. It was configured to transmit a specific signal, and the car was programmed to respond to that signal.<\/p>\n<p style=\"text-align: center;\">\u00a0<img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-406344\" src=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132627\/Replay-attack.jpg\" sizes=\"(max-width: 819px) 100vw, 819px\" srcset=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132627\/Replay-attack.jpg 819w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132627\/Replay-attack-300x185.jpg 300w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132627\/Replay-attack-768x473.jpg 768w\" alt=\"\" width=\"819\" height=\"504\" \/><\/p>\n<p style=\"text-align: center;\"><em>Replay attack<\/em><\/p>\n<p style=\"text-align: justify;\">Hackers exploited this unprotected signal and devised the &#8220;classic&#8221; replay attack, in which a device is used to record and transmit on the same IR frequency as the key fob. 
When the driver presses the unlock button, the attacker records the signal and can later replay it to unlock the doors. Note that this hack can only work if the key fob uses the same unlock signal every time the unlock button is pressed.<\/p>\n<p style=\"text-align: justify;\">To prevent such an attack, a rolling code field was added to the message sent from the fob to the car, ensuring that the unlock signal is never repeated. The car and the key fob share two code sequences: one for unlocking and one for locking. For example, Xn would be the n-th rolling code for unlocking, while Yn would be the n-th rolling code for locking. All sequences are defined using a cryptographically secure pseudorandom number generator (CSPRNG). On the n-th press of the unlock button, the key fob transmits code Xn. The car then compares the received rolling code with the expected rolling code and unlocks or locks accordingly.<\/p>\n<p style=\"text-align: justify;\">This security improvement triggered a new wave of &#8220;roll jam&#8221; attacks designed to bypass these rolling codes. Roll jam attacks record rolling codes and jam the RF signal from the key fob, preventing it from reaching the vehicle. 
This attack scenario consists of the following steps:<\/p>\n<ol style=\"text-align: justify;\">\n<li>The driver presses the unlock button and transmits code X1, the first code for unlocking the vehicle. The attacker jams the signal and captures the value of X1. Because of the jamming, the car does not receive the signal and remains locked.<\/li>\n<li>The driver presses the unlock button again and transmits signal X2. The attacker jams the signal and captures the value of X2. As in step 1, the car remains locked.<\/li>\n<li>The attacker transmits X1 to unlock the car for the driver.<\/li>\n<li>After the drive, the driver parks and locks the car by sending Y1, which is the expected rolling code for locking.<\/li>\n<li>Later that night, the attacker can send code X2, which unlocks the car.<\/li>\n<\/ol>\n<p style=\"text-align: center;\">\u00a0<img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-406345\" src=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132717\/Roll-jam-attack.jpg\" sizes=\"(max-width: 845px) 100vw, 845px\" srcset=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132717\/Roll-jam-attack.jpg 845w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132717\/Roll-jam-attack-300x154.jpg 300w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132717\/Roll-jam-attack-768x394.jpg 768w\" alt=\"Roll jam attack\" width=\"845\" height=\"434\" \/><\/p>\n<p style=\"text-align: center;\"><em>Roll jam attack<\/em><\/p>\n<p style=\"text-align: justify;\">From a security standpoint, the main weakness of the above implementation is that the rolling codes for locking and unlocking are independent of each other. However, merely sharing the rolling code opens up new variants of the roll jam attack. An attacker can still jam consecutive messages, take the rolling code of an unlock command and then construct a valid lock command (or the reverse scenario, which starts with a jammed lock command and constructs an unlock command). Therefore, in addition to sharing the rolling code, it is important to sign or encrypt the messages so that an attacker cannot construct messages based on a jammed rolling code. This can be done with a recognized, cryptographically secure message authentication code (MAC), such as AES-CMAC or HMAC, with a long shared secret key.<\/p>\n<h3 style=\"text-align: justify;\">PKE systems<\/h3>\n<p style=\"text-align: justify;\">The PKE system took convenience to the next level by allowing the driver to get into the car and start it without having to take the key fob out of their pocket. 
The basic PKE communication, which builds on lessons learned from RKE, consists of a challenge sent by the vehicle to verify the identity of the key fob and a cryptographically computed response sent by the key fob.<\/p>\n<p style=\"text-align: justify;\">In most PKE implementations, the key fob and the car share a long random secret key that is used to generate and verify the response. The key fob applies a cryptographic function to the challenge and generates a response, which the car then verifies.<\/p>\n<p style=\"text-align: justify;\">Because PKE implementations are based on the proximity of the key fob, they have a natural limit on the distance the transmitter can reach. The infamous &#8220;relay attack&#8221; was devised to get around this distance limit. Consider a pair of attackers working together. One attacker is near the vehicle and the other is in close proximity to the key fob. Each attacker uses a transmitter that works over long distances (e.g. via 4G or WiFi) to relay the messages sent by the car and the key fob.<\/p>\n<p style=\"text-align: justify;\">As shown below, attacker A triggers a challenge and passes it to attacker B, who then relays it to the key fob. 
The key fob responds to the challenge and attacker B passes the response to attacker A, who then relays it to the vehicle.<\/p>\n<p style=\"text-align: center;\">\u00a0<img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-406346\" src=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132807\/relay-attack.jpg\" sizes=\"(max-width: 767px) 100vw, 767px\" srcset=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132807\/relay-attack.jpg 767w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132807\/relay-attack-300x126.jpg 300w\" alt=\"Relay attack\" width=\"767\" height=\"321\" \/><\/p>\n<p style=\"text-align: center;\"><em>Relay attack\u00a0<\/em><\/p>\n<h3 style=\"text-align: justify;\">Best practices for mitigating relay attacks<\/h3>\n<p style=\"text-align: justify;\">One method of mitigating relay attacks is to set an upper bound on the response time. Because waves travel at the speed of light, an upper bound on the distance can be estimated by measuring the round-trip time from the car sending the challenge to receiving the response. Very precise measurements can be achieved using UWB technology.<\/p>\n<p style=\"text-align: justify;\">Another mitigation method is to estimate the position of the key fob using RSSI (received signal strength indicator), which determines the distance between the key fob and the car from the signal strength. The car transmits the challenge from several antennas. 
The key fob then replies with the RSSI values from each of the antennas, and the car uses these values to estimate the position.<\/p>\n<p style=\"text-align: justify;\">Hackers, however, can still &#8220;trick&#8221; the position-estimation algorithm. Because RSSI is measured on the key fob side, a pair of attackers can try to transmit an amplified challenge signal near the key fob to increase the RSSI values and &#8220;fool&#8221; the car into believing the key fob is closer than it actually is.<\/p>\n<p style=\"text-align: justify;\">Another problem with this mitigation method is that its values are neither signed nor encrypted. This means that a digital attacker can use a demodulator to extract the transmitted data, modify the RSSI values and then re-modulate the signal. If RSSI is used for localization, it is recommended that these values be signed or encrypted.<\/p>\n<p style=\"text-align: justify;\">To prevent relay attacks, some key fobs integrate motion sensors that detect long periods of inactivity. If no motion is detected after several seconds\/minutes, the key fob stops responding to challenges. 
In other words, if the key fob lies on the kitchen table all night, an attacker cannot carry out a relay attack on the vehicle.<\/p>\n<h3 style=\"text-align: justify;\">Known challenge relay attack<\/h3>\n<p style=\"text-align: justify;\">Another theoretical attack scenario is the Known Challenge relay attack, which exploits implementations where the challenges are predictable. For example, the next challenge is the previous challenge plus 1: 0, 1, 2, &#8230;, 0xFFFFFFFFFF, or the challenges are generated with a random number generator function that is not cryptographically secure, such as an LCG, LFSR, etc. In that case, an attacker who knows the PRNG function, or guesses it correctly, could construct the entire sequence of challenges.<\/p>\n<p style=\"text-align: justify;\">As in the classic relay attack (described above), the key fob and the car are far apart, but this time there is only one attacker. The attacker triggers a challenge from the car and then tries to predict the next challenge the car will send. The attacker then approaches the key fob and transmits the predicted challenge. The key fob replies with a response. The attacker then returns to the car and triggers another challenge. 
If the triggered challenge is the one the attacker predicted, the attacker can solve it by transmitting the response recorded from the key fob, unlocking and starting the car.<\/p>\n<p style=\"text-align: center;\">\u00a0<img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-406347\" src=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132855\/known-challange-relay-attack.jpg\" sizes=\"(max-width: 778px) 100vw, 778px\" srcset=\"https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132855\/known-challange-relay-attack.jpg 778w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132855\/known-challange-relay-attack-300x182.jpg 300w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132855\/known-challange-relay-attack-768x467.jpg 768w, https:\/\/media.automotiveworld.com\/app\/uploads\/2023\/10\/04132855\/known-challange-relay-attack-368x223.jpg 368w\" alt=\"known challenge relay attack\" width=\"778\" height=\"473\" \/><\/p>\n<p style=\"text-align: center;\"><em>Known challenge relay attack<\/em><\/p>\n<p style=\"text-align: justify;\">One strategy for preventing this scenario is to ensure that challenges are not predictable by using a recognized CSPRNG with a high-entropy seed. Another suggestion is to have the car sign all challenges. This way, even if the attacker is able to predict the challenge, they cannot query the key fob for a response.<\/p>\n<h3 style=\"text-align: justify;\">Secure implementation is the name of the game<\/h3>\n<p style=\"text-align: justify;\">Vehicle theft has been a problem ever since the invention of the automobile. 
The cat-and-mouse game between security professionals and thieves continues today; the only difference is the sophistication of the tools used.<\/p>\n<p style=\"text-align: justify;\">RKE and PKE present OEMs with a range of security challenges. Insecure RKE implementations are exposed to various variants of replay and roll jam attacks, such as the recently discovered Rollback attack. Messages should be signed or encrypted so that an attacker cannot modify messages recorded from the key fob.<\/p>\n<p style=\"text-align: justify;\">For PKE implementations, it is important to ensure that challenges are not predictable by using a high-entropy seed for randomization and a CSPRNG for generating the encrypted challenges. If RSSI is used for position estimation, these values should also be signed or encrypted to prevent tampering.<\/p>\n<p style=\"text-align: justify;\">In addition, some flawed implementations can be mitigated with improved security countermeasures. In many cases, a software update of the BCM and\/or the key fob may be enough to fix known vulnerabilities. 
For this reason, OEMs that offer over-the-air update capability are best prepared to respond effectively to the inevitable next attack.<\/p>\n<p style=\"text-align: justify;\">There is no silver bullet for preventing car theft, but correct implementation of the mitigation methods and practices described above could serve as a solid foundation for repelling the vast majority of attempts to hack keyless entry.<\/p>\n<p>&nbsp;<\/p>\n<p>Source: automotiveworld.com<\/p>\n<p style=\"text-align: justify;\">\n<p style=\"text-align: justify;\">\n","protected":false},"excerpt":{"rendered":"<p>Syst\u00e9my bezkl\u00ed\u010dov\u00e9ho odemyk\u00e1n\u00ed a zapalov\u00e1n\u00ed se za\u010daly ve v\u00fdrob\u011b objevovat na p\u0159elomu 90. let a roku 2000 a zpo\u010d\u00e1tku byly k dispozici pouze u luxusn\u00edch model\u016f a dal\u0161\u00edch vozidel vy\u0161\u0161\u00ed t\u0159\u00eddy. 
Od t\u00e9 doby se funkce d\u00e1lkov\u00e9ho\/pasivn\u00edho bezkl\u00ed\u010dov\u00e9ho odemyk\u00e1n\u00ed a startov\u00e1n\u00ed (RKE\/PKE) staly st\u00e1le b\u011b\u017en\u011bj\u0161\u00edmi v cel\u00e9m odv\u011btv\u00ed a v sou\u010dasn\u00e9 dob\u011b jsou k dispozici [&hellip;]<\/p>\n","protected":false},"author":81,"featured_media":23310,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"kategorie_prispevku":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch syst\u00e9mech | Autoklastr<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:locale:alternate\" content=\"cs_CZ\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch syst\u00e9mech\" \/>\n<meta property=\"og:description\" content=\"Syst\u00e9my bezkl\u00ed\u010dov\u00e9ho odemyk\u00e1n\u00ed a zapalov\u00e1n\u00ed se za\u010daly ve v\u00fdrob\u011b objevovat na p\u0159elomu 90. let a roku 2000 a zpo\u010d\u00e1tku byly k dispozici pouze u luxusn\u00edch model\u016f a dal\u0161\u00edch vozidel vy\u0161\u0161\u00ed t\u0159\u00eddy. 
Od t\u00e9 doby se funkce d\u00e1lkov\u00e9ho\/pasivn\u00edho bezkl\u00ed\u010dov\u00e9ho odemyk\u00e1n\u00ed a startov\u00e1n\u00ed (RKE\/PKE) staly st\u00e1le b\u011b\u017en\u011bj\u0161\u00edmi v cel\u00e9m odv\u011btv\u00ed a v sou\u010dasn\u00e9 dob\u011b jsou k dispozici [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/autoklastr.cz\/en\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/\" \/>\n<meta property=\"og:site_name\" content=\"Autoklastr\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-18T15:59:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Karel B\u0159emek\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Karel B\u0159emek\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/\",\"url\":\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/\",\"name\":\"Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch syst\u00e9mech\",\"isPartOf\":{\"@id\":\"https:\/\/autoklastr.cz\/cs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg\",\"datePublished\":\"2023-10-18T15:59:39+00:00\",\"author\":{\"@id\":\"https:\/\/autoklastr.cz\/cs\/#\/schema\/person\/51de917140dff28ece1c759a7579ba79\"},\"breadcrumb\":{\"@id\":\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#primaryimage\",\"url\":\"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg\",\"contentUrl\":\"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg\",\"width\":600,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"Li
stItem\",\"position\":1,\"name\":\"Dom\u016f\",\"item\":\"https:\/\/autoklastr.cz\/cs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch syst\u00e9mech\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/autoklastr.cz\/cs\/#website\",\"url\":\"https:\/\/autoklastr.cz\/cs\/\",\"name\":\"Autoklastr\",\"description\":\"Spole\u010dn\u011b pro Automotive!\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/autoklastr.cz\/cs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/autoklastr.cz\/cs\/#\/schema\/person\/51de917140dff28ece1c759a7579ba79\",\"name\":\"Karel B\u0159emek\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/autoklastr.cz\/cs\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ba59bb4aee7dc631079170762e66e8c6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ba59bb4aee7dc631079170762e66e8c6?s=96&d=mm&r=g\",\"caption\":\"Karel B\u0159emek\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch syst\u00e9mech | Autoklastr","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/","og_locale":"en_US","og_type":"article","og_title":"[:cs]Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch syst\u00e9mech[:] | Autoklastr","og_description":"Syst\u00e9my bezkl\u00ed\u010dov\u00e9ho odemyk\u00e1n\u00ed a zapalov\u00e1n\u00ed se za\u010daly ve v\u00fdrob\u011b objevovat na p\u0159elomu 90. let a roku 2000 a zpo\u010d\u00e1tku byly k dispozici pouze u luxusn\u00edch model\u016f a dal\u0161\u00edch vozidel vy\u0161\u0161\u00ed t\u0159\u00eddy. Od t\u00e9 doby se funkce d\u00e1lkov\u00e9ho\/pasivn\u00edho bezkl\u00ed\u010dov\u00e9ho odemyk\u00e1n\u00ed a startov\u00e1n\u00ed (RKE\/PKE) staly st\u00e1le b\u011b\u017en\u011bj\u0161\u00edmi v cel\u00e9m odv\u011btv\u00ed a v sou\u010dasn\u00e9 dob\u011b jsou k dispozici [&hellip;]","og_url":"https:\/\/autoklastr.cz\/en\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/","og_site_name":"Autoklastr","article_published_time":"2023-10-18T15:59:39+00:00","og_image":[{"width":600,"height":900,"url":"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg","type":"image\/jpeg"}],"author":"Karel B\u0159emek","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Karel B\u0159emek","Est. 
reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/","url":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/","name":"Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch syst\u00e9mech","isPartOf":{"@id":"https:\/\/autoklastr.cz\/cs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#primaryimage"},"image":{"@id":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#primaryimage"},"thumbnailUrl":"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg","datePublished":"2023-10-18T15:59:39+00:00","author":{"@id":"https:\/\/autoklastr.cz\/cs\/#\/schema\/person\/51de917140dff28ece1c759a7579ba79"},"breadcrumb":{"@id":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#primaryimage","url":"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg","contentUrl":"https:\/\/autoklastr.cz\/wp-content\/uploads\/2023\/10\/Opel-Zafira-keyless-entry.jpg","width":600,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/autoklastr.cz\/cs\/jak-zmirnit-nedostatky-v-bezklicovych-vstupnich-systemech\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Dom\u016f","item":"https:\/\/autoklastr.cz\/cs\/"},{"@type":"ListItem","position":2,"name":"Jak zm\u00edrnit nedostatky v bezkl\u00ed\u010dov\u00fdch vstupn\u00edch 
syst\u00e9mech"}]},{"@type":"WebSite","@id":"https:\/\/autoklastr.cz\/cs\/#website","url":"https:\/\/autoklastr.cz\/cs\/","name":"Autoklastr","description":"Spole\u010dn\u011b pro Automotive!","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/autoklastr.cz\/cs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/autoklastr.cz\/cs\/#\/schema\/person\/51de917140dff28ece1c759a7579ba79","name":"Karel B\u0159emek","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/autoklastr.cz\/cs\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ba59bb4aee7dc631079170762e66e8c6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ba59bb4aee7dc631079170762e66e8c6?s=96&d=mm&r=g","caption":"Karel B\u0159emek"}}]}},"_links":{"self":[{"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/posts\/23309"}],"collection":[{"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/users\/81"}],"replies":[{"embeddable":true,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/comments?post=23309"}],"version-history":[{"count":1,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/posts\/23309\/revisions"}],"predecessor-version":[{"id":23311,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/posts\/23309\/revisions\/23311"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/media\/23310"}],"wp:attachment":[{"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/media?parent=23309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/categories?post=23309"},{"taxonomy":"post_tag","embeddable":
true,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/tags?post=23309"},{"taxonomy":"kategorie_prispevku","embeddable":true,"href":"https:\/\/autoklastr.cz\/en\/wp-json\/wp\/v2\/kategorie_prispevku?post=23309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}