Attack

The security of Tesla’s cars has been a hot topic in recent months. In addition to being one of the safest cars on the road, it is also well-protected from hacks and attacks. But how does Tesla make sure their vehicles are safe and secure?

Note: This is related to Project TEMPA. Please follow this link for an overview! The Tesla Authorization Replay attack is using a tool like temparary in order to extract VCSEC AuthorizationResponses from a whitelisted smartphone app. For AuthorizationRequests - that are mainly used for passive entry functions - the vehicle communicates a challenge token, that the smartphone app has to answer with an AuthorizationResponse which is embedded in a VCSEC SignedMessage object that has a SIGNATURE_TYPE_AES_GCM_TOKEN SignatureType.

Note: This is related to Project TEMPA. Please follow this link for an overview! The Tesla Crypto Counter Confusion attack works by impersonating a vehicle with a tool like temparary. Once the app on the owner’s phone starts communicating to the emulated BLE interface of the impersonated car, the temparary tool will request an authorization from the phone.

Note: This is related to Project TEMPA. Please follow this link for an overview! The Tesla Key Drop attack works by impersonating a vehicle with a tool like temparary. Once the app on the owner’s phone starts communicating to the emulated BLE interface of the impersonated car, the temparary tool will request an authorization from the phone.

Note: This is related to Project TEMPA. Please follow this link for an overview! After unlocking the vehicle via NFC, Tesla allows potential attackers to store a key on the vehicle for a period of approx. 130s. No warning or similar will be displayed on the vehicle screen during this process.

Note: This is related to Project TEMPA. Please follow this link for an overview! Besides the ability to relay the 2.4GHz radio signal between the PhoneKey and the Tesla vehicle, it is also possible to relay information on protocol level by using standard software like gattacker.