From: "Douglas R. Floyd" <dfloyd@io.com>
Date: Fri, 16 Aug 1996 08:44:24 +0800
To: ses@tipper.oit.unc.edu (Simon Spero)
Subject: Re: forget photographing license plates!
In-Reply-To: <Pine.SUN.3.91.960815144122.26417A-100000@tipper.oit.unc.edu>
Message-ID: <199608152134.QAA17950@xanadu.io.com>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Another UK vehicle security reply (disclaimer: my dad's company installs 
> alarms, imobilisers, lojack/skynet, etc.)
> 
> The first generation of remote-keyed car-alarms used a static key. It 
> didn't take long before people had modified scanners to record the key 
> and play it back as soon as the driver had left. 
> 
> The current generation uses what is described as "rolling code random 
> encryption". From what I could work out from talking to people, this 
> scheme works something like a one time password scheme, but with no 
> feedback from server (car) to client (keyfob). It seems that the keyfob 
> has persistent state in the form of a  counter, which is incremented 
> every time the key is pressed. This counter is combined with the 
> encryption key and the resulting cyphertext is then transmitted.
> 
>  The car keeps a record of the last successful sequence number, and will 
> not allow earlier sequences to be replayed. The car will accept sequence 
> numbers within a certain range of the last successful one, in case a 
> particular try is not recieved, or the key is jostled in ones pocket.
> 
> I don't know how strong the algorithms are, or how long the keys are; 
> there are supposed to be minimum requirements on key length, but I don't 
> know if the approval body evaluates the crypto.
> 
> Simon

That is known for cars.  I double checked, and found some car alarms able
to do this.  However, I have not found any house garage door openers able
to pull this off.  Most still use the old blurt code method.

Ironically, there are gate openers which have this technology in them
(rolling code.)