BMW Digital Key Data Analysis

Contents

  • BMW Digital Key Data Analysis
  • Preface
  • I. The standard behind the BMW digital key
  • II. Fast transaction data analysis
    • 1. Over-the-air RF packets
      • 1.1 SELECT command
      • 1.2 Auth0 command
    • 2. Auth0 data interpretation
      • 2.1 Command interpretation
      • 2.2 Response interpretation
    • 3. Auth0 command verification
    • 4. Auth0 command timing
  • III. NFC pairing and standard transaction
    • 1. Over-the-air RF packets
  • Summary


Preface

According to an announcement in BMW's official app, from November 2022 the BMW NFC digital key will support Huawei, Honor, Xiaomi, OPPO and vivo phones. Together with Apple, which has always been the official best match, BMW's digital key has finally completed its ecosystem of phone-based NFC digital keys.

I. The standard behind the BMW digital key

BMW has always claimed that its digital key follows the CCC standard, but I had only heard that in the news. Today an actual RF log capture proves that it really is CCC. Because pairing and the standard transaction had already been completed earlier, today's capture could only cover the fast transaction; when I get the chance I will delete the key and go through pairing and the standard transaction again.

II. Fast transaction data analysis

1. Over-the-air RF packets

1.1 SELECT command

Raw command (19 bytes)
00 A4 04 00 0D A0 00 00 08 09 43 43 43 44 4B 41 76 31 00
Raw response (6 bytes)
5C 02 01 00 90 00

1.2 Auth0 command

Raw command (105 bytes)
80 80 01 02 63 5C 02 01 00 87 41 04 DD B5 40 5F 5E A7 F2 93 BD 2B 73 17 99 0C 4E 4E 4D D0 2F D6 D5 19 83 AF F8 7C C1 48 D2 C9 3F 32 73 25 C5 14 ED C3 49 4C 84 73 9B 57 5E 82 73 47 FC 4C 94 E2 59 FD 3A 1F D4 CA C8 D5 1E 0A 5F FB 4C 10 50 01 90 AC 9C 1C 59 9D F7 EF F7 1D F6 DB B5 E9 4D 08 65 AC 76 24 A7 22 AA 8C 00
Raw response (87 bytes)
86 41 04 16 20 F4 06 99 01 E7 28 85 22 1A 4C FA 7E C2 4C 2B EB D6 86 60 C0 EB 40 51 C3 F2 5C 18 B6 1E B3 18 D1 10 B2 87 5F 13 49 D1 65 6F 1A 91 05 45 39 53 9F AA AC AC 7F D1 25 6D 41 3A 8A 8B AD 1D 6B 9D 10 CA 9E C9 12 7D 51 E1 FD 07 44 9F 6F 10 44 D9 6B 90 00

2. Auth0 data interpretation

2.1 Command interpretation

Command (CLA, INS, P1, P2) 80 80 01 02
Translated Command Data
Digital Key applet protocol version
01 00
vehicle_ePK prepended by 04h
04 DD B5 40 5F 5E A7 F2 93 BD 2B 73 17 99 0C 4E 4E 4D D0 2F D6 D5 19 83 AF F8 7C C1 48 D2 C9 3F 32 73 25 C5 14 ED C3 49 4C 84 73 9B 57 5E 82 73 47 FC 4C 94 E2 59 FD 3A 1F D4 CA C8 D5 1E 0A 5F FB
transaction_identifier (randomly generated)
50 01 90 AC 9C 1C 59 9D F7 EF F7 1D F6 DB B5 E9
vehicle_identifier
65 AC 76 24 A7 22 AA 8C

2.2 Response interpretation

Translated Response Data
endpoint_ePK, the applet generated ephemeral public key prepended by 04h
04 16 20 F4 06 99 01 E7 28 85 22 1A 4C FA 7E C2 4C 2B EB D6 86 60 C0 EB 40 51 C3 F2 5C 18 B6 1E B3 18 D1 10 B2 87 5F 13 49 D1 65 6F 1A 91 05 45 39 53 9F AA AC AC 7F D1 25 6D 41 3A 8A 8B AD 1D 6B
cryptogram, the authentication cryptogram returned by the endpoint
CA 9E C9 12 7D 51 E1 FD 07 44 9F 6F 10 44 D9 6B

3. Auth0 command verification

Reference: specification tables

Table 15-28: AUTH0 Command Payload
Tag  Length (bytes)  Description                                                 Field is
5Ch  2               protocol_version, the Digital Key applet protocol version   mandatory
87h  65              vehicle_ePK prepended by 04h                                mandatory
4Ch  16              transaction_identifier (randomly generated)                 mandatory
4Dh  8               vehicle_identifier (see Section 15.2)                       mandatory

Table 15-29: AUTH0 Response Payload
Tag  Length (bytes)  Description                                                 Field is
86h  65              endpoint_ePK, the applet generated ephemeral public key     mandatory
9Dh  16              cryptogram, the authentication cryptogram returned          conditional
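
Checking a capture against these two tables by hand is tedious and easy to get wrong, so the following Python, an added example that is not part of the original post or of the CCC specification, decodes the two raw AUTH0 APDUs from section 1.2 as BER-TLV and enforces the tag, length and mandatory/conditional rules of Tables 15-28 and 15-29. It also checks that each 65-byte ePK is a valid uncompressed point on NIST P-256; the page never names the curve, so P-256 is an assumption here (its constants are the standard ones). The tag tables, field names and hex bytes are copied from this page; the function names are mine.

```python
from __future__ import annotations
# Raw hex copied from the fast-transaction capture above (105-byte command, 87-byte response).
AUTH0_COMMAND_HEX = (
    "80 80 01 02 63 5C 02 01 00 87 41 04 DD B5 40 5F 5E A7 F2 93"
    " BD 2B 73 17 99 0C 4E 4E 4D D0 2F D6 D5 19 83 AF F8 7C C1 48"
    " D2 C9 3F 32 73 25 C5 14 ED C3 49 4C 84 73 9B 57 5E 82 73 47"
    " FC 4C 94 E2 59 FD 3A 1F D4 CA C8 D5 1E 0A 5F FB 4C 10 50 01"
    " 90 AC 9C 1C 59 9D F7 EF F7 1D F6 DB B5 E9 4D 08 65 AC 76 24"
    " A7 22 AA 8C 00"
)
AUTH0_RESPONSE_HEX = (
    "86 41 04 16 20 F4 06 99 01 E7 28 85 22 1A 4C FA 7E C2 4C 2B"
    " EB D6 86 60 C0 EB 40 51 C3 F2 5C 18 B6 1E B3 18 D1 10 B2 87"
    " 5F 13 49 D1 65 6F 1A 91 05 45 39 53 9F AA AC AC 7F D1 25 6D"
    " 41 3A 8A 8B AD 1D 6B 9D 10 CA 9E C9 12 7D 51 E1 FD 07 44 9F"
    " 6F 10 44 D9 6B 90 00"
)
# Expected payload layout transcribed from Tables 15-28 / 15-29: tag -> (name, length, mandatory).
COMMAND_FIELDS = {0x5C: ("protocol_version", 2, True), 0x87: ("vehicle_ePK", 65, True),
                  0x4C: ("transaction_identifier", 16, True), 0x4D: ("vehicle_identifier", 8, True)}
RESPONSE_FIELDS = {0x86: ("endpoint_ePK", 65, True), 0x9D: ("cryptogram", 16, False)}  # 9Dh is conditional
# NIST P-256 (secp256r1): assumed (not stated on the page) to be the curve behind these 65-byte points.
P256_P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
P256_B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
P256_G = bytes.fromhex("04 6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
                       "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")

def parse_tlv(data: bytes) -> dict[int, bytes]:
    """Flat BER-TLV -> {tag: value}; multi-byte tags and 81h/82h lengths handled, truncation/duplicates refused."""
    out: dict[int, bytes] = {}
    i = 0
    while i < len(data):
        tag, i = data[i], i + 1
        if tag & 0x1F == 0x1F:                      # more tag bytes follow while bit 8 is set
            while True:
                tag, i = (tag << 8) | data[i], i + 1
                if not data[i - 1] & 0x80:
                    break
        length, i = data[i], i + 1
        if length & 0x80:                           # long form: 8n then n length bytes
            n = length & 0x7F
            length, i = int.from_bytes(data[i:i + n], "big"), i + n
        if i + length > len(data):
            raise ValueError(f"tag {tag:02X}: length {length} runs past the end of the data")
        if tag in out:
            raise ValueError(f"tag {tag:02X} appears twice")
        out[tag], i = data[i:i + length], i + length
    return out

def split_case4_apdu(apdu: bytes) -> tuple[bytes, bytes, int]:
    """Short case-4 command: CLA INS P1 P2 Lc data Le. Lc must match the bytes actually present."""
    if len(apdu) < 6 or len(apdu) != 5 + apdu[4] + 1:
        raise ValueError(f"Lc/length mismatch in {len(apdu)}-byte APDU")
    return apdu[:4], apdu[5:5 + apdu[4]], apdu[-1]

def check_fields(tlvs: dict[int, bytes], spec: dict) -> dict[str, bytes]:
    """Name each tag per the spec table, enforcing presence and exact length; reject unknown tags."""
    named: dict[str, bytes] = {}
    for tag, (name, length, mandatory) in spec.items():
        if tag not in tlvs:
            if mandatory:
                raise ValueError(f"mandatory tag {tag:02X} ({name}) missing")
        elif len(tlvs[tag]) != length:
            raise ValueError(f"{name}: expected {length} bytes, got {len(tlvs[tag])}")
        else:
            named[name] = tlvs[tag]
    if unknown := set(tlvs) - set(spec):
        raise ValueError("unexpected tags: " + " ".join(f"{t:02X}" for t in sorted(unknown)))
    return named

def is_on_p256(point: bytes) -> bool:
    """True if 04||X||Y satisfies y^2 = x^3 - 3x + b (mod p) on P-256 with both coordinates in range."""
    if len(point) != 65 or point[0] != 0x04:
        return False
    x, y = int.from_bytes(point[1:33], "big"), int.from_bytes(point[33:], "big")
    return x < P256_P and y < P256_P and (y * y - (x * x * x - 3 * x + P256_B)) % P256_P == 0

def decode_auth0_command(hex_apdu: str) -> dict[str, bytes]:
    header, data, _le = split_case4_apdu(bytes.fromhex(hex_apdu))
    if header[:2] != b"\x80\x80":                   # CLA 80h, INS 80h = AUTH0
        raise ValueError(f"not an AUTH0 header: {header.hex().upper()}")
    return {"header": header, **check_fields(parse_tlv(data), COMMAND_FIELDS)}
def decode_auth0_response(hex_rapdu: str) -> dict[str, bytes]:
    rapdu = bytes.fromhex(hex_rapdu)
    if rapdu[-2:] != b"\x90\x00":
        raise ValueError(f"status word {rapdu[-2:].hex().upper()} is not 9000")
    return check_fields(parse_tlv(rapdu[:-2]), RESPONSE_FIELDS)
def rejects(decoder, hex_apdu: str) -> bool:      # does the decoder refuse this (tampered) APDU?
    try:
        decoder(hex_apdu); return False
    except ValueError:
        return True

if __name__ == "__main__":
    cmd, rsp = decode_auth0_command(AUTH0_COMMAND_HEX), decode_auth0_response(AUTH0_RESPONSE_HEX)
    for name, value in {**cmd, **rsp}.items():
        print(f"{name:23} {len(value):3} bytes  {value.hex().upper()}")
    print("on P-256: vehicle_ePK", is_on_p256(cmd["vehicle_ePK"]), "endpoint_ePK", is_on_p256(rsp["endpoint_ePK"]))
```

Running the script prints every decoded field with its length and whether the two captured ePKs pass the on-curve check. A Lc that disagrees with the data length, a status word other than 9000, a missing mandatory tag or an ePK of the wrong length all raise ValueError instead of being silently accepted, which is how a reader implementation should treat malformed AUTH0 traffic as well.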

4. Auth0 command timing

44 AUTH0 Delay: 4,854.3 µs
Direction.FromPcd
80 80 01 02 63 5C 02 01 00 87 41 04 DD B5 40 5F 5E A7… Start: 4,326,869.2 µs
Direction.FromPicc
86 41 04 16 20 F4 06 99 01 E7 28 85 22 1A 4C FA 7E C2 … End: 4,443,474.0 µs

III. NFC pairing and standard transaction

1. Over-the-air RF packets

SELECT Delay: 42,466.4 µs

Direction.FromPcd
00 A4 04 00 0D A0 00 00 08 09 43 43 43 44 4B 46 76 [19] Start: 48,709,003.2 µs
Direction.FromPicc
5A 02 01 00 5C 02 01 00 D4 01 02 90 00 [13] End: 48,742,006.9 µs

OP CONTROL FLOW Delay: 406,950.3 µs

Direction.FromPcd
80 3C 10 0F [4] Start: 49,148,957.2 µs
Direction.FromPicc
90 00 [2] End: 49,166,636.9 µs

SPAKE2+ REQUEST Delay: 422,634.8 µs

Direction.FromPcd
80 30 00 00 2F 5B 02 01 00 5C 02 01 00 7F 50 20 C0 [53] Start: 49,589,271.7 µs
Direction.FromPicc
50 41 04 A5 1F 1C 78 DF F9 8C C1 3F F0 7C EF 74 36 [69] End: 49,734,544.5 µs

OP CONTROL FLOW Delay: 354,418.7 µs

Direction.FromPcd
80 3C 10 0F [4] Start: 50,088,963.1 µs
Direction.FromPicc
90 00 [2] End: 50,102,933.5 µs

SPAKE2+ VERIFY Delay: 266,546.5 µs

Direction.FromPcd
80 32 00 00 55 52 41 04 E2 BA CC 72 A5 CD 19 03 04 [91] Start: 50,369,479.9 µs
Direction.FromPicc
58 10 2E 19 27 D2 5F BB 80 2B B4 55 3D FD DD 08 EB [20] End: 50,478,886.3 µs

WRITE DATA Delay: 161,576.5 µs

Direction.FromPcd
84 D4 00 00 E8 59 07 AA 92 ED 02 E8 F9 0B 29 39 6A [238] Start: 50,640,462.8 µs
Direction.FromPicc
BF 6C D9 A3 C8 1B 66 58 90 00 [10] End: 50,693,257.5 µs

WRITE DATA Delay: 147,282.0 µs

Direction.FromPcd
84 D4 00 00 F8 9E FE 3D 39 7A FE 86 ED 14 5B C1 4F [254] Start: 50,840,539.5 µs
Direction.FromPicc
3C C5 7D 57 71 61 67 98 90 00 [10] End: 50,897,805.3 µs

WRITE DATA Delay: 142,659.9 µs

Direction.FromPcd
84 D4 00 00 E8 85 A1 42 82 22 74 9E 0D B0 A3 61 55 [238] Start: 51,040,465.2 µs
Direction.FromPicc
B4 B9 53 7A B7 F0 EC D3 90 00 [10] End: 51,091,532.4 µs

WRITE DATA Delay: 158,994.1 µs

Direction.FromPcd
84 D4 00 00 F8 63 10 3A 46 DF 77 2A CB E2 46 27 0A [254] Start: 51,250,526.5 µs
Direction.FromPicc
74 1B BF B6 EC 27 AB 01 90 00 [10] End: 51,304,572.8 µs

WRITE DATA Delay: 135,785.0 µs

Direction.FromPcd
84 D4 00 00 D8 FD F2 47 2A 8E A7 CA E7 96 18 3C DC [222] Start: 51,440,357.8 µs
Direction.FromPicc
CE 08 DD CE 1B 88 CA 60 90 00 [10] End: 51,493,354.6 µs

WRITE DATA Delay: 45,894.7 µs

Direction.FromPcd
84 D4 00 00 28 40 FE 4A 14 BF F5 BE 32 80 9F 72 38 [46] Start: 51,539,249.3 µs
Direction.FromPicc
74 41 37 B4 00 58 11 7E 90 00 [10] End: 51,561,148.7 µs

WRITE DATA Delay: 48,078.2 µs

Direction.FromPcd
84 D4 00 00 28 4F F0 BF 1C 45 19 A1 20 F4 FB 19 EC [46] Start: 51,609,226.8 µs
Direction.FromPicc
97 E7 77 92 3F 69 2A 8F 90 00 [10] End: 51,630,865.8 µs

WRITE DATA Delay: 38,264.9 µs

Direction.FromPcd
84 D4 80 00 18 D3 98 AD D4 16 73 AA 71 FD 07 D3 33 [30] Start: 51,669,130.7 µs
Direction.FromPicc
59 1C 25 B5 13 E5 5E 23 90 00 [10] End: 51,694,843.8 µs

OP CONTROL FLOW Delay: 24,123.5 µs

Direction.FromPcd
80 3C 10 01 [4] Start: 51,718,967.3 µs
Direction.FromPicc
90 00 [2] End: 51,734,381.6 µs

SELECT Delay: 85,630.1 µs

Direction.FromPcd
00 A4 04 00 0D A0 00 00 08 09 43 43 43 44 4B 46 76 [19] Start: 54,559,090.6 µs
Direction.FromPicc
5A 02 01 00 5C 02 01 00 D4 01 02 90 00 [13] End: 54,606,491.7 µs

GET DATA Delay: 42,682.6 µs

Direction.FromPcd
84 CA 00 00 18 25 C9 E3 77 C6 5C CC F0 C8 F0 EA 20 [30] Start: 54,649,174.3 µs
Direction.FromPicc
AD C5 C2 0D 86 82 0E FD 64 29 38 7B 15 47 7D F0 7A [250] End: 54,701,190.4 µs

GET RESPONSE Delay: 97,867.1 µs

Direction.FromPcd
84 C0 00 00 08 99 5D 44 A3 2B 0E 10 F7 00 [14] Start: 54,799,057.5 µs
Direction.FromPicc
1C 63 B0 0A E4 EE 9C 69 AE 11 8A 27 98 4E FB 00 02 [202] End: 54,837,989.8 µs

GET DATA Delay: 461,185.1 µs

Direction.FromPcd
84 CA 00 00 18 F5 CF 3A 6F 8D F8 EC 92 DE 3E 91 07 [30] Start: 55,299,174.9 µs
Direction.FromPicc
81 DD 8A BC 89 FE 40 [7] End: 55,326,058.3 µs

GET RESPONSE Delay: 123,039.4 µs

Direction.FromPcd
84 C0 00 00 08 C6 CA D3 A2 15 83 85 4E 00 [14] Start: 55,449,097.6 µs
Direction.FromPicc
FE 65 06 C6 5C A4 FB 1D 41 8F CC 5E 35 69 8C 80 C2 [218] End: 55,486,789.5 µs

GET DATA Delay: 462,373.6 µs

Direction.FromPcd
84 CA 00 00 18 20 11 A8 32 4E 53 73 6E 54 38 C2 EB [30] Start: 55,949,163.1 µs
Direction.FromPicc
CF 39 2F 58 85 BA 1E E6 8A 3A 8F 5F 12 8D 99 2C 05 [250] End: 56,000,003.8 µs

GET RESPONSE Delay: 109,077.9 µs

Direction.FromPcd
84 C0 00 00 08 8E 2F 98 34 1D D8 65 15 00 [14] Start: 56,109,081.7 µs
Direction.FromPicc
37 A3 2B 3D D5 78 37 23 BE BC 0F DC F9 8F EF EC 98 [250] End: 56,151,497.2 µs

GET RESPONSE Delay: 97,575.7 µs

Direction.FromPcd
84 C0 00 00 08 AC FA F7 B9 27 70 2E 9E 00 [14] Start: 56,249,072.9 µs
Direction.FromPicc
CE 5A 79 AB 20 32 84 5A B5 6D EE E7 C1 9E E4 93 B3 [170] End: 56,279,537.5 µs

GET DATA Delay: 449,645.7 µs

Direction.FromPcd
84 CA 00 00 18 16 47 06 62 98 C9 37 02 4D 5C 94 C5 [30] Start: 56,729,183.2 µs
Direction.FromPicc
EE EC 00 C0 75 75 48 C1 51 2C B7 FA 15 59 D9 91 5D [26] End: 56,746,126.8 µs

WRITE DATA Delay: 263,488.2 µs

Direction.FromPcd
84 D4 00 00 58 91 4F 0E 22 BD 7B 9C DF DC 8D 6D 4E [94] Start: 57,009,615.0 µs
Direction.FromPicc
CD 11 57 B7 F0 01 6F 82 90 00 [10] End: 57,041,542.7 µs

WRITE DATA Delay: 47,639.3 µs

Direction.FromPcd
84 D4 80 00 18 48 15 D3 EE DB 83 7C 7E F9 A1 90 6F [30] Start: 57,089,182.0 µs
Direction.FromPicc
35 84 77 51 C0 B7 A0 5F 90 00 [10] End: 57,107,838.3 µs

OP CONTROL FLOW Delay: 31,186.1 µs

Direction.FromPcd
80 3C 10 02 [4] Start: 57,139,024.5 µs
Direction.FromPicc
90 00 [2] End: 57,153,051.2 µs

OP CONTROL FLOW Delay: 25,940.9 µs

Direction.FromPcd
80 3C 11 11 [4] Start: 57,178,992.0 µs
Direction.FromPicc
90 00

SELECT Delay: 84,368.4 µs

Direction.FromPcd
00 A4 04 00 0D A0 00 00 08 09 43 43 43 44 4B 41 76 [19] Start: 59,989,179.1 µs
Direction.FromPicc
5C 02 01 00 90 00 [6] End: 60,006,009.3 µs

AUTH0 Delay: 253,674.8 µs

Direction.FromPcd
80 80 00 07 63 5C 02 01 00 87 41 04 0B 5C B4 E3 AE [105] Start: 60,259,684.1 µs
Direction.FromPicc
86 41 04 CA 14 8A B7 3B 3A AB 1D 79 59 D7 8A E7 04 [69] End: 60,369,864.7 µs

AUTH1 Delay: 269,578.6 µs

Direction.FromPcd
80 81 00 00 42 9E 40 36 35 63 CE 10 12 71 69 F2 82 [72] Start: 60,639,443.4 µs
Direction.FromPicc
48 A2 40 6D 8C 9D A1 78 15 1F 05 78 64 C8 ED 8E 4B [90] End: 60,770,699.0 µs

CONTROL FLOW Delay: 358,324.3 µs

Direction.FromPcd
80 3C 40 90 [4] Start: 61,129,023.3 µs
Direction.FromPicc
90 00 [2] End: 61,134,479.2 µs

EXCHANGE Delay: 84,954.7 µs

Direction.FromPcd
84 C9 00 00 38 9E D3 FE 0A 86 06 72 B0 1F B8 00 4D [62] Start: 61,219,433.9 µs
Direction.FromPicc
D2 87 C4 E0 13 83 8F 5B 90 00 [10] End: 61,277,103.7 µs

CONTROL FLOW Delay: 31,933.2 µs

Direction.FromPcd
80 3C 01 81 [4] Start: 61,309,036.9 µs
Direction.FromPicc
90 00
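
The tool that produced these logs prints, for each command, a Delay (the gap since the previous response), a Start stamp on the frame from the PCD (the reader, i.e. the vehicle side) and an End stamp on the frame from the PICC (the phone), but not how long each command itself took. The following Python is an added example, not part of the original post, that parses the log format as printed in sections II.4 and III.1, recomputes each command's Start-to-End round trip, verifies that the printed Delay equals this command's Start minus the previous command's End, and identifies each command by its INS byte. The sample log is copied from the standard transaction above (SELECT through CONTROL FLOW, including the final response that has no End stamp); the INS-to-name table is inferred from the labels the tool itself printed and is an assumption, as is reading [n] as the full frame length in bytes (it matches the 19-byte SELECT and 105-byte AUTH0 shown in section II.1).

```python
from __future__ import annotations
import re
from dataclasses import dataclass
# Constructed sample: the standard-transaction frames captured above; the last response has no [n]/End, as printed.
STANDARD_LOG = """\
SELECT Delay: 84,368.4 µs
Direction.FromPcd
00 A4 04 00 0D A0 00 00 08 09 43 43 43 44 4B 41 76 [19] Start: 59,989,179.1 µs
Direction.FromPicc
5C 02 01 00 90 00 [6] End: 60,006,009.3 µs
AUTH0 Delay: 253,674.8 µs
Direction.FromPcd
80 80 00 07 63 5C 02 01 00 87 41 04 0B 5C B4 E3 AE [105] Start: 60,259,684.1 µs
Direction.FromPicc
86 41 04 CA 14 8A B7 3B 3A AB 1D 79 59 D7 8A E7 04 [69] End: 60,369,864.7 µs
AUTH1 Delay: 269,578.6 µs
Direction.FromPcd
80 81 00 00 42 9E 40 36 35 63 CE 10 12 71 69 F2 82 [72] Start: 60,639,443.4 µs
Direction.FromPicc
48 A2 40 6D 8C 9D A1 78 15 1F 05 78 64 C8 ED 8E 4B [90] End: 60,770,699.0 µs
CONTROL FLOW Delay: 358,324.3 µs
Direction.FromPcd
80 3C 40 90 [4] Start: 61,129,023.3 µs
Direction.FromPicc
90 00 [2] End: 61,134,479.2 µs
EXCHANGE Delay: 84,954.7 µs
Direction.FromPcd
84 C9 00 00 38 9E D3 FE 0A 86 06 72 B0 1F B8 00 4D [62] Start: 61,219,433.9 µs
Direction.FromPicc
D2 87 C4 E0 13 83 8F 5B 90 00 [10] End: 61,277,103.7 µs
CONTROL FLOW Delay: 31,933.2 µs
Direction.FromPcd
80 3C 01 81 [4] Start: 61,309,036.9 µs
Direction.FromPicc
90 00
"""
# INS byte -> label, inferred from the names the tool printed above (INS 3Ch is "OP CONTROL FLOW" during pairing).
INS_NAMES = {0xA4: "SELECT", 0x80: "AUTH0", 0x81: "AUTH1", 0x3C: "CONTROL FLOW",
             0x30: "SPAKE2+ REQUEST", 0x32: "SPAKE2+ VERIFY", 0xD4: "WRITE DATA",
             0xCA: "GET DATA", 0xC0: "GET RESPONSE", 0xC9: "EXCHANGE"}
HEADER_RE = re.compile(r"^(?:\d+\s+)?(?P<label>.+?)\s+Delay:\s+(?P<delay>[\d,]+\.\d)")
STAMP_RE = re.compile(r"(Start|End):\s*([\d,]+\.\d)")  # the "µs" suffix is missing on some lines
LEN_RE = re.compile(r"\s*\[\d+\]")                      # [n]: full frame length, stripped before hex decoding

def to_tenths(stamp: str) -> int:  # '60,259,684.1' -> 602596841, so arithmetic stays exact
    whole, frac = stamp.replace(",", "").split(".")
    return int(whole) * 10 + int(frac)

@dataclass
class Exchange:
    label: str                  # name printed by the tool
    declared_delay: int         # printed Delay (gap since the previous End), tenths of µs
    command: bytes = b""        # PCD (reader, i.e. vehicle side) frame, maybe truncated with "…"
    start: int | None = None
    response: bytes = b""       # PICC (phone) frame
    end: int | None = None

def duration(ex: Exchange) -> int | None:  # command Start to response End: the round trip for one command
    return None if ex.start is None or ex.end is None else ex.end - ex.start

def parse_frame(line: str) -> tuple[bytes, str | None, int | None]:
    """'XX XX… [n] Start: t µs' -> (bytes, 'Start'|'End'|None, tenths|None)."""
    m = STAMP_RE.search(line)
    head = LEN_RE.sub("", line[: m.start()] if m else line).replace("…", "")
    return bytes.fromhex(head), (m.group(1) if m else None), (to_tenths(m.group(2)) if m else None)

def parse_log(text: str) -> list[Exchange]:
    exchanges: list[Exchange] = []
    direction = ""
    for line in filter(None, (raw.strip() for raw in text.splitlines())):
        if h := HEADER_RE.match(line):
            exchanges.append(Exchange(h["label"], to_tenths(h["delay"])))
        elif line.startswith("Direction."):
            direction = line
        elif exchanges:
            data, kind, ts = parse_frame(line)
            ex = exchanges[-1]
            if direction == "Direction.FromPcd":
                ex.command, ex.start = data, (ts if kind == "Start" else ex.start)
            else:
                ex.response, ex.end = data, (ts if kind == "End" else ex.end)
    return exchanges

def delay_mismatches(exchanges: list[Exchange], tolerance_tenths: int = 1) -> list[str]:
    # Labels whose printed Delay is not (this Start - previous End) beyond the tool's 0.1 µs rounding.
    return [cur.label for prev, cur in zip(exchanges, exchanges[1:])
            if prev.end is not None and cur.start is not None
            and abs(cur.start - prev.end - cur.declared_delay) > tolerance_tenths]

def transaction_span(exchanges: list[Exchange]) -> int | None:  # first Start to last captured End
    starts = [e.start for e in exchanges if e.start is not None]
    ends = [e.end for e in exchanges if e.end is not None]
    return ends[-1] - starts[0] if starts and ends else None

if __name__ == "__main__":
    exs = parse_log(STANDARD_LOG)
    for ex in exs:
        ins = INS_NAMES.get(ex.command[1], "?") if len(ex.command) > 1 else "?"
        print(f"{ex.label:13} INS={ins:13} duration (tenths of µs)={duration(ex)}")
    print("Delay mismatches:", delay_mismatches(exs), "| span:", transaction_span(exs))
```

Delays recomputed from the stamps agree with the printed values to within 0.1 µs (AUTH1 differs by exactly one tenth, the tool's rounding), which is why the default tolerance is one tenth; with tolerance 0 the check reports AUTH1. Run as-is it shows that AUTH0 and AUTH1 are each over 100 ms of round trip, while a CONTROL FLOW exchange takes only a few milliseconds, and that the whole standard transaction from SELECT to the EXCHANGE response spans roughly 1.29 s.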

Summary

The pairing and standard transaction match the specification exactly. I had originally wanted to emulate a vehicle and a digital key and have them talk to each other, as with Tesla, but CCC is built on a certificate hierarchy, so an emulated device cannot be made to work against a real vehicle or a real digital key, which is a small pity. The real data, however, gives a much firmer picture of how a BMW digital key actually unlocks the car. Compared with Tesla's unlock, BMW's core authentication is likewise an asymmetric operation, followed by SHA256 to obtain the core KCmac key, which is then used in a cryptographic operation over Context : vehicle_PK.x || endpoint_PK.x || transaction_identifier || vehicle_identifier to produce a 16-byte symmetric response. The symmetric part takes longer than Tesla's single operation, so in total it takes about 100 ms to unlock with an iPhone; my guess is that this is where the extra time goes. The packets are almost identical: two elliptic-curve points and one symmetric authentication. Tesla and BMW alike use elliptic-curve cryptography just right. I remember how hard it was to promote elliptic curves everywhere back in the day; years later, elliptic-curve cryptography has finally come into its own!
