{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T11:07:47Z","timestamp":1769512067011,"version":"3.49.0"},"reference-count":49,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T00:00:00Z","timestamp":1748649600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T00:00:00Z","timestamp":1748649600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2025,6]]},"DOI":"10.1007\/s10207-025-01063-7","type":"journal-article","created":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T11:33:52Z","timestamp":1748691232000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Clonable key fobs: Analyzing and breaking RKE protocols"],"prefix":"10.1007","volume":"24","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7459-0566","authenticated-orcid":false,"given":"Roberto","family":"Gesteira-Mi\u00f1arro","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9954-3504","authenticated-orcid":false,"given":"Gregorio","family":"L\u00f3pez","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8963-5074","authenticated-orcid":false,"given":"Rafael","family":"Palacios","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,5,31]]},"reference":[{"key":"1063_CR1","unstructured":"C-V2X explained. https:\/\/5gaa.org\/c-v2x-explained"},{"key":"1063_CR2","unstructured":"7Rocky: rf_exploit. https:\/\/github.com\/7Rocky\/rf_exploit"},{"issue":"2","key":"1063_CR3","doi-asserted-by":"publisher","first-page":"431","DOI":"10.1109\/TVT.2003.808759","volume":"52","author":"A Alrabady","year":"2003","unstructured":"Alrabady, A., Mahmud, S.: Some attacks against vehicles\u2019 passive entry security systems and their solutions. IEEE Transactions on Vehicular Technology 52(2), 431\u2013439 (2003). https:\/\/doi.org\/10.1109\/TVT.2003.808759","journal-title":"IEEE Transactions on Vehicular Technology"},{"key":"1063_CR4","unstructured":"Enabling positive Security solutions for the Automotive Market. https:\/\/asrg.io"},{"key":"1063_CR5","unstructured":"rfcat (2024). https:\/\/github.com\/atlas0fd00m\/rfcat"},{"issue":"4","key":"1063_CR6","doi-asserted-by":"publisher","first-page":"1259","DOI":"10.1109\/TEMC.2016.2570303","volume":"58","author":"S van de Beek","year":"2016","unstructured":"van de Beek, S., Leferink, F.: Vulnerability of Remote Keyless-Entry Systems Against Pulsed Electromagnetic Interference and Possible Improvements. IEEE Transactions on Electromagnetic Compatibility 58(4), 1259\u20131265 (2016). https:\/\/doi.org\/10.1109\/TEMC.2016.2570303","journal-title":"IEEE Transactions on Electromagnetic Compatibility"},{"key":"1063_CR7","unstructured":"Benadjila, R., Renard, M., Lopes-Esteves, J., Kasmi, C.: One Car, Two Frames: Attacks on Hitag-2 Remote Keyless Entry Systems Revisited. In: Proceedings of the 11th USENIX Conference on Offensive Technologies, WOOT\u201917. USENIX Association, USA (2017)"},{"key":"1063_CR8","unstructured":"Bogdanov, A.: Cryptanalysis of the KeeLoq block cipher. IACR Cryptol. ePrint Arch. 2007 (2007)"},{"key":"1063_CR9","unstructured":"Car Hacking Village. https:\/\/www.carhackingvillage.com"},{"key":"1063_CR10","unstructured":"CRC RevEng: arbitrary-precision CRC calculator and algorithm finder (2024). https:\/\/reveng.sourceforge.io"},{"issue":"1","key":"1063_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3627827","volume":"8","author":"L Csikor","year":"2024","unstructured":"Csikor, L., Lim, H.W., Wong, J.W., Ramesh, S., Parameswarath, R.P., Chan, M.C.: RollBack: A New Time-Agnostic Replay Attack Against the Automotive Remote Keyless Entry Systems. ACM Transactions on Cyber-Physical Systems 8(1), 1\u201325 (2024). https:\/\/doi.org\/10.1145\/3627827","journal-title":"ACM Transactions on Cyber-Physical Systems"},{"issue":"1","key":"1063_CR12","doi-asserted-by":"publisher","first-page":"944","DOI":"10.1002\/iis2.13187","volume":"34","author":"J Daily","year":"2024","unstructured":"Daily, J., Span, M.T.: A Model for Cybersecurity Education through Challenge Events. INCOSE International Symposium 34(1), 944\u2013957 (2024). https:\/\/doi.org\/10.1002\/iis2.13187","journal-title":"INCOSE International Symposium"},{"key":"1063_CR13","doi-asserted-by":"publisher","unstructured":"Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Manzuri, M.: On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme. In: Advances in Cryptology \u2013 CRYPTO 2008, pp. 203\u2013220. Springer Berlin Heidelberg, Berlin, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85174-5_12","DOI":"10.1007\/978-3-540-85174-5_12"},{"key":"1063_CR14","unstructured":"Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., Manzuri, M.: Physical Cryptanalysis of KeeLoq Code Hopping Applications. IACR Cryptology ePrint Archive 2008 (2008)"},{"key":"1063_CR15","unstructured":"Enderlein, R.R.: KeeLoq. Tech. rep., \u00c9cole Polytechnique F\u00e9d\u00e9rale de Lausanne (2010). http:\/\/www.e7n.ch\/data\/e10.pdf"},{"key":"1063_CR16","unstructured":"Erazo, D.: Breaking Learning Codes (2024). https:\/\/media.defcon.org\/DEF%20CON%2032\/DEF%20CON%2032%20villages\/DEF%20CON%2032%20-%20Car%20Hacking%20Village%20-%20Danilo%20Erazo%20-%20How%20I%20discovered%20and%20hacked%20Learning%20Codes%20of%20the%20key%20job%20of%20a%20car%20assembled%20in%20my%20country.pdf"},{"key":"1063_CR17","doi-asserted-by":"publisher","DOI":"10.3929\/ETHZ-A-006708714","author":"A Francillon","year":"2011","unstructured":"Francillon, A., Danev, B., Capkun, S.: Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars. IACR Cryptol. ePrint Arch. (2011). https:\/\/doi.org\/10.3929\/ETHZ-A-006708714","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"1063_CR18","unstructured":"Garcia, F.D., Oswald, D., Kasper, T., Pavlid\u00e8s, P.: Lock It and Still Lose It - on the (in)Security of Automotive Remote Keyless Entry Systems. In: Proceedings of the 25th USENIX Conference on Security Symposium, SEC\u201916, p. 929\u2013944. USENIX Association, USA (2016)"},{"key":"1063_CR19","doi-asserted-by":"publisher","unstructured":"Ghanem, A., AlTawy, R.: Garage Door Openers: A Rolling Code Protocol Case Study. In: 2022 19th Annual International Conference on Privacy, Security & Trust (PST), p. 1\u20136 (2022). https:\/\/doi.org\/10.1109\/PST55820.2022.9851991","DOI":"10.1109\/PST55820.2022.9851991"},{"key":"1063_CR20","unstructured":"About GNU Radio (2024). https:\/\/www.gnuradio.org\/about\/"},{"key":"1063_CR21","unstructured":"HackRF One (2024). https:\/\/greatscottgadgets.com\/hackrf\/one\/"},{"key":"1063_CR22","unstructured":"YARD Stick One (2024). https:\/\/greatscottgadgets.com\/yardstickone\/"},{"key":"1063_CR23","doi-asserted-by":"publisher","unstructured":"Greene, K., Rodgers, D., Dykhuizen, H., McNeil, K., Niyaz, Q., Shamaileh, K.A.: Timestamp-based Defense Mechanism Against Replay Attack in Remote Keyless Entry Systems. In: 2020 IEEE International Conference on Consumer Electronics (ICCE), p. 1\u20134 (2020). https:\/\/doi.org\/10.1109\/ICCE46568.2020.9043039","DOI":"10.1109\/ICCE46568.2020.9043039"},{"key":"1063_CR24","doi-asserted-by":"publisher","unstructured":"Hicks, C., Garcia, F.D., Oswald, D.: Dismantling the AUT64 Automotive Cipher. IACR Transactions on Cryptographic Hardware and Embedded Systems p. 46\u201369 (2018). https:\/\/doi.org\/10.13154\/tches.v2018.i2.46-69","DOI":"10.13154\/tches.v2018.i2.46-69"},{"key":"1063_CR25","doi-asserted-by":"publisher","unstructured":"Ibrahim, O., Hussain, A., Oligeri, G., Pietro, R.: Key is in the Air: Hacking Remote Keyless Entry Systems, p. 125\u2013132. Springer International Publishing (2019). https:\/\/doi.org\/10.1007\/978-3-030-16874-2_9","DOI":"10.1007\/978-3-030-16874-2_9"},{"key":"1063_CR26","doi-asserted-by":"publisher","unstructured":"Immler, V.: Breaking Hitag 2 Revisited. In: Proceedings of the Second International Conference on Security, Privacy, and Applied Cryptography Engineering, SPACE\u201912, p. 126\u2013143. Springer-Verlag, Berlin, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34416-9_9","DOI":"10.1007\/978-3-642-34416-9_9"},{"key":"1063_CR27","doi-asserted-by":"publisher","unstructured":"Indesteege, S., Keller, N., Dunkelman, O., Biham, E., Preneel, B.: A Practical Attack on KeeLoq. In: N.\u00a0Smart (ed.) Advances in Cryptology \u2013 EUROCRYPT 2008, pp. 1\u201318. Springer Berlin Heidelberg, Berlin, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78967-3_1","DOI":"10.1007\/978-3-540-78967-3_1"},{"key":"1063_CR28","doi-asserted-by":"publisher","unstructured":"Joo, K., Choi, W., Lee, D.H.: Hold the Door! Fingerprinting Your Car Key to Prevent Keyless Entry Car Theft. In: Proceedings 2020 Network and Distributed System Security Symposium. Internet Society, San Diego, CA (2020). https:\/\/doi.org\/10.14722\/ndss.2020.23107","DOI":"10.14722\/ndss.2020.23107"},{"key":"1063_CR29","unstructured":"Kamkar, S.: Drive It Like You Hacked It: New Attacks and Tools to Wirelessly Steal Cars (2015). https:\/\/defcon.org\/html\/defcon-23\/dc-23-speakers.html#Kamkar"},{"key":"1063_CR30","doi-asserted-by":"crossref","unstructured":"Kasper, M., Kasper, T., Moradi, A., Paar, C.: Breaking KeeLoq in a Flash: On Extracting Keys at Lightning Speed. In: Preneel, B. (ed.) Progress in Cryptology - AFRICACRYPT 2009, pp. 403\u2013420. Springer, Berlin Heidelberg, Berlin, Heidelberg (2009)","DOI":"10.1007\/978-3-642-02384-2_25"},{"key":"1063_CR31","unstructured":"Kendil, S.A.: Reverse engineering a car key fob signal (Part 1) (2024). https:\/\/0x44.cc\/radio\/2024\/03\/13\/reversing-a-car-key-fob-signal.html"},{"key":"1063_CR32","unstructured":"miek\/inspectrum: Radio Signal Analyzer (2024). https:\/\/github.com\/miek\/inspectrum"},{"key":"1063_CR33","unstructured":"Ossmann, M.: Rapid Radio Reversing. https:\/\/www.blackhat.com\/docs\/asia-16\/materials\/asia-16-Ossmann-Rapid-Radio-Reversing-wp.pdf"},{"key":"1063_CR34","unstructured":"OZ9AEC, A.C.: Gqrx sdr - open source software defined radio by alexandru csete oz9aec (2024). https:\/\/gqrx.dk\/"},{"key":"1063_CR35","unstructured":"Pavel\u00a0Zhovner, A.Z., Nadyrshin, R.: Our Response to the Canadian Government (2024). https:\/\/blog.flipper.net\/response-to-canadian-government\/"},{"key":"1063_CR36","unstructured":"Pohl, J., Noack, A.: Universal Radio Hacker: A Suite for Analyzing and Attacking Stateful Wireless Protocols. In: 12th USENIX Workshop on Offensive Technologies (WOOT 18). USENIX Association, Baltimore, MD (2018). https:\/\/www.usenix.org\/conference\/woot18\/presentation\/pohl"},{"key":"1063_CR37","doi-asserted-by":"publisher","unstructured":"Radu, A.I., Garcia, F.D.: Grey-box Analysis and Fuzzing of Automotive Electronic Components via Control-Flow Graph Extraction. In: Proceedings of the 4th ACM Computer Science in Cars Symposium, CSCS \u201920. Association for Computing Machinery, New York, NY, USA (2020). https:\/\/doi.org\/10.1145\/3385958.3430480","DOI":"10.1145\/3385958.3430480"},{"key":"1063_CR38","unstructured":"UN Regulation No. 155 - Cyber security and cyber security management system. Tech. rep., UNECE (2021). https:\/\/unece.org\/transport\/documents\/2021\/03\/standards\/un-regulation-no-155-cyber-security-and-cyber-security"},{"key":"1063_CR39","unstructured":"UN Regulation No. 156 - Software update and software update management system. Tech. rep., UNECE (2021). https:\/\/unece.org\/transport\/documents\/2021\/03\/standards\/un-regulation-no-156-software-update-and-software-update"},{"key":"1063_CR40","unstructured":"Valdes-Dapena, P.: Some auto insurers are refusing to cover certain Hyundai and Kia models (2023). https:\/\/edition.cnn.com\/2023\/01\/27\/business\/progressive-state-farm-hyundai-kia\/index.html"},{"key":"1063_CR41","unstructured":"Verdult, R., Garcia, F.D., Balasch, J.: Gone in 360 Seconds: Hijacking with Hitag2. In: 21st USENIX Security Symposium (USENIX Security 12), pp. 237\u2013252. USENIX Association, Bellevue, WA (2012). https:\/\/www.usenix.org\/conference\/usenixsecurity12\/technical-sessions\/presentation\/verdult"},{"key":"1063_CR42","unstructured":"Verdult, R., Garcia, F.D., Ege, B.: Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer. In: Supplement to the Proceedings of 22nd USENIX Security Symposium (Supplement to USENIX Security 15), pp. 703\u2013718. USENIX Association, Washington, D.C. (2015). https:\/\/www.usenix.org\/conference\/usenixsecurity15\/technical-sessions\/presentation\/verdult"},{"key":"1063_CR43","unstructured":"Verstegen, A., Verdult, R., Bokslag, W.: Hitag 2 Hell \u2013 Brutally Optimizing Guess-and-Determine Attacks. In: 12th USENIX Workshop on Offensive Technologies (WOOT 18). USENIX Association, Baltimore, MD (2018). https:\/\/www.usenix.org\/conference\/woot18\/presentation\/verstegen"},{"key":"1063_CR44","unstructured":"Driving Automotive Cybersecurity Forward. https:\/\/vicone.com"},{"key":"1063_CR45","unstructured":"Pwn2Own Automotive. https:\/\/vicone.com\/pwn2own-automotive"},{"key":"1063_CR46","doi-asserted-by":"publisher","first-page":"817","DOI":"10.1109\/COMPSAC.2019.00120","volume":"1","author":"J Wang","year":"2019","unstructured":"Wang, J., Lounis, K., Zulkernine, M.: CSKES: A Context-Based Secure Keyless Entry System. In: 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC) 1, 817\u2013822 (2019). https:\/\/doi.org\/10.1109\/COMPSAC.2019.00120","journal-title":"In: 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC)"},{"key":"1063_CR47","doi-asserted-by":"publisher","first-page":"149","DOI":"10.46586\/tches.v2021.i4.149-172","volume":"4","author":"L Wouters","year":"2021","unstructured":"Wouters, L., Gierlichs, B., Preneel, B.: My other car is your car: compromising the Tesla Model X keyless entry system. IACR Transactions on Cryptographic Hardware and Embedded Systems 4, 149\u2013172 (2021). https:\/\/doi.org\/10.46586\/tches.v2021.i4.149-172","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"1063_CR48","doi-asserted-by":"publisher","first-page":"66","DOI":"10.13154\/tches.v2019.i3.66-85","volume":"3","author":"L Wouters","year":"2019","unstructured":"Wouters, L., Marin, E., Ashur, T., Gierlichs, B., Preneel, B.: Fast, furious and insecure: passive keyless entry and start systems in modern supercars. IACR Transactions on Cryptographic Hardware and Embedded Systems 3, 66\u201385 (2019). https:\/\/doi.org\/10.13154\/tches.v2019.i3.66-85","journal-title":"IACR Transactions on Cryptographic Hardware and Embedded Systems"},{"key":"1063_CR49","doi-asserted-by":"publisher","unstructured":"Yoshizawa, T., Preneel, B.: Post-Quantum Impacts on V2X Certificates \u2013 Already at The End of The Road. In: 2023 IEEE 97th Vehicular Technology Conference (VTC2023-Spring), pp. 1\u20136 (2023). https:\/\/doi.org\/10.1109\/VTC2023-Spring57618.2023.10199793","DOI":"10.1109\/VTC2023-Spring57618.2023.10199793"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01063-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-025-01063-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-025-01063-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,21]],"date-time":"2025-06-21T10:12:18Z","timestamp":1750500738000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-025-01063-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,5,31]]},"references-count":49,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2025,6]]}},"alternative-id":["1063"],"URL":"https:\/\/doi.org\/10.1007\/s10207-025-01063-7","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,5,31]]},"assertion":[{"value":"31 May 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"150"}}