Does the project implement the applet part? #1
Comments
No, the applet is not included in this project.
I have successfully run this project, and I have a question to ask: is this project actually simulated after the real vehicle has already created the CCC key?
I hope so. This project offers a standardized emulator transaction, which I believe is effective in certain scenarios.
When using the app to simulate the digital key and interact with the real vehicle, I guess the interaction should break at some point because some data is unique to the real digital key. What do you think?
Essentially, the vehicle and mobile device require a prior pairing phase to exchange keys, as I mentioned in the document.
If this project is regarded as a relay attack scheme, only data forwarding, do you think it is feasible?
Could you elaborate on that idea?
Similar to an NFC relay: one mobile phone simulating the digital key is close to the real vehicle, another mobile phone simulating the car is close to the real digital key, and the data is forwarded between the two mobile phones.
In my understanding, an NFC replay attack might not be feasible. The payload includes an ephemeral key which is generated for each transaction; you have no ephemeral private key to create the shared key.
This is not an NFC playback attack, but an NFC relay attack, which is to forward NFC data between a real car and a real mobile phone.
Do you mean a MitM attack?
Yes, do you think it is feasible not to tamper with data in the process of forwarding data? Although the CCC technical specification mentions that it can prevent man-in-the-middle attacks, I think what the specification means by preventing man-in-the-middle attacks is preventing data tampering. What do you reckon?
Short answer: No (at least in my poor understanding, I haven't found any vector that can do that).
Humm... What do you do with that package?
What does package mean, data packet?
Yes, the data package transferred between vehicle & mobile.
Don't modify the content of the data packet, just forward the data packet. I don't know if you have used the NFCGate tool. This tool has the function of relay attack.
I just want to know: what do you do with that data package? Replay for what? Do you know that a data package from a replay action will be rejected?
If the attack can be successfully relayed, the distance limit can be circumvented, which can prove that CCC is not absolutely safe. And I have tried to carry out a relay attack in the first NFC pairing process, which can be carried out before the mobile app creates a digital key. During this process, the data of the NFC interaction between the two parties can be obtained through the relay attack.