[(Title)] Tesla’s keyless entry vulnerable to spoofing attack, researchers find.

Last week's Tesla security update may have been more urgent than the company let on. Researchers at KU Leuven have figured out a way to spoof Tesla's key fob system, as first reported by Wired.

特斯拉上周的最新安全更新可能比该公司更为紧迫。据Wired报道，KU Leuven的研究人员已经研究出了一种欺骗特斯拉免钥匙进入系统的方法。

The attack is particularly significant because Tesla pioneered the keyless entry concept, which has since spread to most luxury cars.

这一攻击特别重要，因为特斯拉开创了免钥进入的概念，这一概念目前已经扩展到大多数豪华车。

“免钥匙进入”是指车主在手机用下载相关应用，激活免钥匙进入（keyless entry）功能，车主只要靠近Model 3（当车辆检测到安装应用的手机靠近时），车辆即可完成自动解锁。

This particular attack seems to have only worked on Model S units shipped before June, and in an update last week, Tesla pushed out an update that strengthened the encryption for the remaining vehicles.

这种特殊的攻击似乎只对6月以前交付的S型车辆有效，在上周的更新中，特斯拉推出了一项更新，加强了对车辆的加密。

比较庆幸的是，这一攻击似乎只适用于6月份前交付的Model S车型

More importantly, the company added the option to require a PIN password before the car will start, effectively adding two-factor to your car.

更重要的是，该公司增加了在汽车启动前需要PIN密码的选项，有效地为你的汽车增加了两个安全因素。

At the time, it seemed like overkill — but knowing that this kind of attack is possible, it's probably worth turning on. Tesla owners can add the PIN by disabling Passive Entry in the  "Doors & Locks"  section of  "Settings."

这些保护措施看起来有点麻烦——但要知道攻击是可能存在的，这样做是值得的。

特斯拉车主可以通过在“设置”中的“门和锁（Doors & Locks）”部分禁用被动输入来添加PIN。"

The attack itself is fairly involved.

攻击本身也并不容易。

Because of the back-and-forth protocol, attackers would first have to sniff out the car's Radio ID (broadcast from the car at all times), then relay that ID broadcast to a victim's key fob and listen for the response, typically from within three feet of the fob. If they can do that back-and-forth twice, the research team found they can work back to the secret key powering the fob's responses, letting them unlock the car and start the engine.

攻击者需要从汽车本身的Radio ID协议入手，通过控制这个协议，来成功入侵汽车的内部系统，然后做到远程启动的效果，而这个距离是在1米以内。

It's worth noting that Tesla cars are already fairly theft-resistant, since the always-on GPS tracking often allows victims to track and retrieve their cars after they've been stolen, which in turn encourages car thieves to look elsewhere for a payoff.

值得注意的是，特斯拉汽车已经相当防盗，因为永远在线的GPS跟踪通常允许受害者在被盗后追踪和检索他们的汽车，这反过来又鼓励偷车贼通过其他方式寻找回报。

Still, entering a pin code for your car is a small price to pay, particularly now that there's public research showing how to break through the less sophisticated versions of the protocol.

尽管如此，为爱车输入pin码是一个很小的代价，尤其是从现有的公共研究已知了公婆不太复杂协议版本的方法。

This isn't the first time an attack like this has caused a panic in the auto security world.

这样的攻击在汽车安全领域引起恐慌已经不是第一次了。

For years, Volkswagen struggled with a flaw in the Megamos transponder that allowed hackers to impersonate a key fob and drive off with cars that would otherwise have been immobilized.

多年来，大众一直在努力克服Megamos应答器中的一个缺陷，该应答器允许黑客假冒钥匙，驾驶汽车离开。

More generally, replay attacks are often used to unlock cars, even if it's harder to turn them on and drive away.

普遍来说，攻击经常被用来解锁汽车，即使它们变得越来约难以启动和开走。

The best defense we have against those attacks is essentially what Tesla has in place now: a complex handshake with robust encryption to keep the signals from being deciphered.

对这些攻击的最好防御基本上是特斯拉现有的模式：具有强大加密功能的复杂协议，以防止信号被破译。

But the strength of that encryption is limited by the keyfob itself, which can only pack so much processor power.

但是这种加密的强度受到密钥卡本身的限制，密钥卡的处理器能力是有限的。

As researchers catch on, those hacks are going to be hard to avoid, which makes less conventional fixes like second-factor PINs or RF-blocking key wallets all the more attractive.

随着研究的深入，这种攻击将很难避免，这使得不太传统的修复方法，例如二次密码变得更具吸引力。