433COM

Receiver Top view
Receiver detail
Receiver sketch
Emitter sketch

t_motivation get_inspiration(){

The mere fact that one of our team members' car was stolen using a technique usually known as roll jam attack inspired us to pursue a solution for this problem. However, our passion for applied hacking, electronics, reverse engineering, and programming enhances our motivation for this intense project.

}

void what_it_does(){

We have implemented this solution as if it was a garage door and a synchronized remote because is we thought that would be a good practical example to demonstrate it. However, we want to emphasize that there are many more fields where it can be implemented easily, bringing more security to the system. Four modules (2 RX and 2 TX) that communicate themselves at 433mhz, the most common frequency for this purpose since it is low consuming, and perform a two-way communication that sends data according to a custom protocol established by us in an Arduino Uno (simulating a garage door) and in an Arduino Nano (simulating the remote). Our main goal was to achieve a way to restrict the usage of a stolen signal by an attacker according to a timestamp in it. We have also made an adaption of the CBC algorithm to perform our signal encryption.

Firstly, the TX module on the Nano board emits an ID signal (8 bits in binary) modulated with ASK (Amplitude Shift Keying) to “wake up” the Arduino RX module. Once it has correctly identified, the “garage door” proceeds to send an encrypted timestamp to create a custom time-dependent IV for the CBC algorithm. After it, both boards process a secret message with the IV and a Key function that conclude our CBC adaption. Finally, the Nano sends back the signal encrypted as a binary code to the Uno board to compare them and to check whether the timestamp matches the expected time or not. Thanks to that we can discard signals well encoded but not using the correct timestamp, as if someone was trying to replicate the signal.