The value of the automotive digital key market will surpass $3 billion by the end of this year, according to Persistence Market Research. And it’s projected that the market value will almost quadruple to $11 billion in a decade. But as consumer demand for digital keys increases, so does the need for secure accessibility.
Traditionally, drivers have prevented automotive theft by holding their physical keys close and locking vehicle doors. Digital keys introduce a larger attack surface, using electronic authentication technologies that allow passive entry to a vehicle by intent or proximity. Leaders in digital key development vigilantly mitigate potential attacks that exploit vulnerabilities in the architecture and implementation of digital key technology.
In the last few years, automotive and smart device manufacturers have developed a standard to set up secure digital keys for long-term success and widespread adoption. By coupling the wireless tech of ultra-wideband (UWB) and bluetooth low energy (BLE) with the security of secure elements (SE) and near field communication (NFC) in the open environment of the Car Connectivity Consortium (CCC), we now strive to create a new chapter of convenient and secure digital keys has been created.
Wireless technologies: UWB, BLE and NFC
While passive entry digital keys are a convenient way to unlock and drive vehicles, developers must incorporate high levels of security into the technology to prevent keyless proximity attacks. To create a secure digital key, standards must minimize hacker opportunities to falsely authenticate a digital key or manipulate the accessibility features when a digital key is in close proximity. We can achieve secure authentication by securing the protocol and the endpoints, ensuring secure proximity relies on radio technology.
Relay attacks are a known method of keyless vehicle theft, where a device intercepts a message between two parties within close range, and then relays the message to another device to enable access features. When it comes to automotive digital keys, a thief intercepts communication between a smart device and a vehicle.
While NFC technology has a limited transmission range by its physical nature an attacker must get within centimeters of both the vehicle and device to intercept and relay a message successfully. However, NFC technology limits a seamless user experience. When using digital keys with NFC, user phones must be within centimeters of the vehicle to enable access.
BLE, in combination with UWB technology, offers a superior user experience and contains reliable security measures for passive entry. To maintain security while allowing a vehicle and smart device to communicate from long distances, UWB uses secure distance bounding with cryptographically secured Time-of-Flight (ToF) measurements. UWB’s high frequency and broad spectrum allows devices with UWB to communicate accurately, even in reflective environments.
UWB hardware measures ToF to determine how long the UWB signal takes to travel a certain distance. Distance measurements from multiple transceivers in the car are combined to accurately localize the device relative to the vehicle and determine whether the digital key is in close proximity to authorize vehicle access or drive the vehicle when the digital key sits inside the vehicle.
Secure elements
While secure distance bounding addresses the vulnerabilities of proximity spoofing, sophisticated digital key technologies also include an additional layer of protection in a Secure Element, a microprocessor chip that offers tamper-resistant storage and authentication processing. A Secure Element promises to deliver the highest level of protection from hardware- and software-based attacks, including tampering, storage intrusion, cloning, and unauthorized access as well as side-channel, interface, and many other forms of attack.
Because all security-critical processing for authentication, encryption protocols, secure ranging, owner pairing, and engine start transactions happens within the Secure Element, the technology can deter the most dangerous attacks, including tampering, storage intrusion, and cloning, while promoting a seamless user experience.
Mutual authentication
Some digital key standards require that the communication between the device and the vehicle work directly with the Secure Element. This end-to-end connectivity ensures the foundation of digital keys remains secure through mutual authentication.
We do this by encrypting the vehicle-to-device wireless interface and the channel by which a car and device backend communicate. Creating a secure channel over the backend or the vehicle-to-device wireless interface offers an opportunity for smart devices and vehicles to mutually authenticate their communication and protect user data and access features from unauthenticated devices.
Mutually cross-signed certification authorities allow for secure communications between vehicle OEM servers and device OEM servers. When incorporated into digital keys, the standardized interface supports interoperability and security at a high level.
The automotive industry has experienced a paradigm shift in how vehicles are accessed, shared, and authenticated. As digital key technology grows in popularity over the coming years, vehicle and smart device manufacturers must come together to establish a standard suited for longevity and widespread consumer adoption.
A truly secure, interoperable digital key technology cannot exist without collaboration between the world’s largest vehicle and smart device manufacturers. Member-driven organizations such as the CCC bring together global leaders to create the CCC Digital Key standard that’s universal and secure, two essential factors in guaranteeing the future of digital key.
Daniel Knobloch, vice president, Car Connectivity Consortium
