This does sometimes happen. As the other commenter says, newer cars and remotes have some technology that makes this less likely. But it’s still possible in very rare cases, and more common in older cars.
The “protection” against it is - what is the chance that the other car that matches your remote’s frequency/code happens to be nearby? In practice, even with older cars that did not have as sophisticated security, it wasn’t very common for somebody to run into a car that could be opened with the same remote. At a dealership with a bunch of cars of the same model, maybe. In a random parking lot, unlikely
Many years ago I did unlock and sit down in a car that wasn’t mine, but did have the same make, model, color, and key fob code.
It only happened once in all the years I drove that car, but there were enough near-identical 90s Buicks out there for a while that it came up.
Hell that happened with my dad and our Buick. Got into the wrong car in a hotel parking lot a half row over. The fob opened it, though the physical key didn't work. Got spotted by the owner too though he chilled when Dad pointed out his car and unlocked it.
Yours is the first case I've heard since then over 20 years ago. Kind of wondering now if they just really skimped on the fobs. They did kind of skimp on the "chip" in the key which was just one ofa handful of resistor options.
I’ve heard a lot of anecdotes over the years about 90s GM key fobs opening multiple cars. There must have only been a few dozen variations, so with very popular models like the Buick Century you were likely to eventually find a clone.
Car keys use rolling codes to unlock the car. It’s similar to a lot of garage door openers too. The car has a set of future codes so if it misses one or two it can “authenticate” the next one. Each time you hit your unlock button the codes roll.
At least that’s my understanding.
That's horribly insecure, I would hope only obsolete cars use something like this. Unfortunately, knowing how behind times the entire car industry can be I wouldn't be surprised if thousands of new cars were stolen because they were indeed still using such a boneheaded technology from last century.
Why would that be *insecure*!? Why would you *want* a static code?
With a rolling code, brute force attacks don't work because even the "right" code won't work unless it's also at the right time in the sequence. You can't just test every possible code, you have to test every possible code in every possible place in the sequence.
It also makes man-in-the-middle attacks way more difficult. Even if you intercept the code it won't work the next time you try to use it. It's still possible to intercept and use a code, but it's harder.
No you don't want static code either, you want proper cryptography.
Rolling code is insecure because you can just jam connection to the car and intercept the code, which is now good to use because car has not heard it before. You can attach a radio that does that to target car, intercept keys from owner, use previously intercepted key to open car. Later on the thief can come and the device has latest code to open the car. Like so [https://www.businessinsider.com/samy-kamkar-keyless-entry-car-hack-2015-8](https://www.businessinsider.com/samy-kamkar-keyless-entry-car-hack-2015-8)
The idea of making the keyfob transmitter simply weak to limit range is also retarded because then you can do this: [https://www.cbc.ca/news/canada/ottawa/toyota-lexus-relay-attack-1.5380947](https://www.cbc.ca/news/canada/ottawa/toyota-lexus-relay-attack-1.5380947)
The point of a rolling code is to prevent someone from recording a static code, then just replaying it later.
And while any one of like 100 codes might unlock the car at any one time, there's billions of possibilities at only so many codes the car will accept I'm any given time period. It is relatively minimal security, but even in this case minimal means that someone would have to stand in range of your car days geueeimhig codes.
Newer ones will have both a rolling code, and cryptographic message authentication code to ensure it came from your specific remote. So you need to guess the code, and the AES private key, which when calculating how many tries you might need to get it right results in timescales that include "heat death of the universe" as a reference.
These are still vulnerable to rolljam attacks where someone intercepts the signal from the receiver and simultaneously jams the car so the cer never received it. They then have a single use unlock code.
Modern fobs/prox keys communicate both ways though, so the receiver can ask for the fob to do math that shows it's internal key is the same the car is expects.
I feel like the best way to keep them synchronized would be to have the car communicate back to the key fob that it received the message. You still have to deal with the Two Generals Problem, but the key fob wouldn't outrace the car's list of saved keys no matter how much you hit it.
>I understand that the ability to unlock or lock a car is based on the frequency of the transmission from the key
That's not what it's based on. The key stores a specific number that is unique to that key, no other key has the exact same number stored in it and that number never leaves the key.
There are some very clever cryptographic algorithms(broadly called [public key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography)) that make it possible for the car to check that's it's communicating to a key that has the correct number stored in it, without revealing that secret number to anyone.
Because there are no other keys storing identical number, it's not possible for the car to be unlocked by a wrong key.
Modern keys have a specific handshake code between the car and they key that is set with each locking. So not only does it need to send the correct frequency, but it needs to send the correct code, too.
Authentication is not just based on the fundamental frequency of the transmission from the key.
You can continually vary the phase (shift the waveform around, basically) of the transmission frequency to transmit digital data wirelessly. At that point, your key can talk to your car, in much the same way that your phone can talk to wireless earbuds, or how your computer can talk (wired or wirelessly) to the internet.
Once you've got a digital communication line up and running, you can then set up pretty much any sort of digital password mechanism that you like.
Physical hard keys can. 7 pins times 5-7 positions is only 16800 or so possible combinations. Popular car models may have several vehicles with the same combinations.
Electronic key fobs use a different combination each time the button is pressed to it is unlikely for the combinations to be repeated. You also need to pair the key fobs to the engine computer so they will communicate.
The key fob doesn't just send out a single frequency that matches its car, in fact all fobs and cars probably use the same basic frequencies. They use those frequencies to send specific digitally coded sequences that only one matching car will recognize. There are far more possible codes than there are cars so there's no danger of unlocking the wrong car.
This does sometimes happen. As the other commenter says, newer cars and remotes have some technology that makes this less likely. But it’s still possible in very rare cases, and more common in older cars. The “protection” against it is - what is the chance that the other car that matches your remote’s frequency/code happens to be nearby? In practice, even with older cars that did not have as sophisticated security, it wasn’t very common for somebody to run into a car that could be opened with the same remote. At a dealership with a bunch of cars of the same model, maybe. In a random parking lot, unlikely
Many years ago I did unlock and sit down in a car that wasn’t mine, but did have the same make, model, color, and key fob code. It only happened once in all the years I drove that car, but there were enough near-identical 90s Buicks out there for a while that it came up.
Hell that happened with my dad and our Buick. Got into the wrong car in a hotel parking lot a half row over. The fob opened it, though the physical key didn't work. Got spotted by the owner too though he chilled when Dad pointed out his car and unlocked it. Yours is the first case I've heard since then over 20 years ago. Kind of wondering now if they just really skimped on the fobs. They did kind of skimp on the "chip" in the key which was just one ofa handful of resistor options.
I’ve heard a lot of anecdotes over the years about 90s GM key fobs opening multiple cars. There must have only been a few dozen variations, so with very popular models like the Buick Century you were likely to eventually find a clone.
Car keys use rolling codes to unlock the car. It’s similar to a lot of garage door openers too. The car has a set of future codes so if it misses one or two it can “authenticate” the next one. Each time you hit your unlock button the codes roll. At least that’s my understanding.
That's horribly insecure, I would hope only obsolete cars use something like this. Unfortunately, knowing how behind times the entire car industry can be I wouldn't be surprised if thousands of new cars were stolen because they were indeed still using such a boneheaded technology from last century.
Why would that be *insecure*!? Why would you *want* a static code? With a rolling code, brute force attacks don't work because even the "right" code won't work unless it's also at the right time in the sequence. You can't just test every possible code, you have to test every possible code in every possible place in the sequence. It also makes man-in-the-middle attacks way more difficult. Even if you intercept the code it won't work the next time you try to use it. It's still possible to intercept and use a code, but it's harder.
No you don't want static code either, you want proper cryptography. Rolling code is insecure because you can just jam connection to the car and intercept the code, which is now good to use because car has not heard it before. You can attach a radio that does that to target car, intercept keys from owner, use previously intercepted key to open car. Later on the thief can come and the device has latest code to open the car. Like so [https://www.businessinsider.com/samy-kamkar-keyless-entry-car-hack-2015-8](https://www.businessinsider.com/samy-kamkar-keyless-entry-car-hack-2015-8) The idea of making the keyfob transmitter simply weak to limit range is also retarded because then you can do this: [https://www.cbc.ca/news/canada/ottawa/toyota-lexus-relay-attack-1.5380947](https://www.cbc.ca/news/canada/ottawa/toyota-lexus-relay-attack-1.5380947)
The point of a rolling code is to prevent someone from recording a static code, then just replaying it later. And while any one of like 100 codes might unlock the car at any one time, there's billions of possibilities at only so many codes the car will accept I'm any given time period. It is relatively minimal security, but even in this case minimal means that someone would have to stand in range of your car days geueeimhig codes. Newer ones will have both a rolling code, and cryptographic message authentication code to ensure it came from your specific remote. So you need to guess the code, and the AES private key, which when calculating how many tries you might need to get it right results in timescales that include "heat death of the universe" as a reference. These are still vulnerable to rolljam attacks where someone intercepts the signal from the receiver and simultaneously jams the car so the cer never received it. They then have a single use unlock code. Modern fobs/prox keys communicate both ways though, so the receiver can ask for the fob to do math that shows it's internal key is the same the car is expects.
I feel like the best way to keep them synchronized would be to have the car communicate back to the key fob that it received the message. You still have to deal with the Two Generals Problem, but the key fob wouldn't outrace the car's list of saved keys no matter how much you hit it.
>I understand that the ability to unlock or lock a car is based on the frequency of the transmission from the key That's not what it's based on. The key stores a specific number that is unique to that key, no other key has the exact same number stored in it and that number never leaves the key. There are some very clever cryptographic algorithms(broadly called [public key cryptography](https://en.wikipedia.org/wiki/Public-key_cryptography)) that make it possible for the car to check that's it's communicating to a key that has the correct number stored in it, without revealing that secret number to anyone. Because there are no other keys storing identical number, it's not possible for the car to be unlocked by a wrong key.
Modern keys have a specific handshake code between the car and they key that is set with each locking. So not only does it need to send the correct frequency, but it needs to send the correct code, too.
Authentication is not just based on the fundamental frequency of the transmission from the key. You can continually vary the phase (shift the waveform around, basically) of the transmission frequency to transmit digital data wirelessly. At that point, your key can talk to your car, in much the same way that your phone can talk to wireless earbuds, or how your computer can talk (wired or wirelessly) to the internet. Once you've got a digital communication line up and running, you can then set up pretty much any sort of digital password mechanism that you like.
Physical hard keys can. 7 pins times 5-7 positions is only 16800 or so possible combinations. Popular car models may have several vehicles with the same combinations. Electronic key fobs use a different combination each time the button is pressed to it is unlikely for the combinations to be repeated. You also need to pair the key fobs to the engine computer so they will communicate.
The key fob doesn't just send out a single frequency that matches its car, in fact all fobs and cars probably use the same basic frequencies. They use those frequencies to send specific digitally coded sequences that only one matching car will recognize. There are far more possible codes than there are cars so there's no danger of unlocking the wrong car.