Adding a clock to a key, so the code is only valid for a few seconds + keyless entry respond only active if the key was moved in the last 30 seconds, would solve most of the problems. That's like $5 per key?
Any dollars more than none is too many for auto companies and for dealerships. Even subsidizing it would still require them to spend time on the problem and that's quite unacceptable.
That's assuming that the technical problem, testing, rollout, etc. wouldn't run into any issues.
That all said, not all thefts are the kind that the Flipper team are describing (/the kind that the government is falsely blaming on the Zero). Lots of them are a lot simpler than that, even before getting to the Kia/Hyundai mess.
Actually making the mass car theft problem better would require a more in depth approach across several boundaries, and that's a lot more effort than just banning this tool.
A clock + challenge response is likely one of only a couple solutions to this problem, but the challenge is the "valid time" would need to be on the order of nanoseconds, not seconds to beat the relay attack mentioned in the article.
This might be doable but the authentication path would need entirely separate and dedicated circuitry.
Or maybe a cryptographic stream that is like a cumulative handshake (incremental streamed challenge/response?) that can offset some of the processing delay.
Any solution would need to be faster than nanoseconds because that's how long it takes light to travel a meter or two.
I think you are right. Without knowing more detail, the claims of the protocol seem very cool. They are doing more than just Time of Flight calculations.
Looks like they do channel impulse response analysis with really high data rates.
