Model 3 Key User Manual

[stopcrazypp]

The ability to speak plain english?

What i want to know, is when you walk back to your car with your phone broadcasting "Hi everybody, i'm Daves phone", does the car just say "Hi Daves phone, i'm unlocked", or does it say "If you really are Daves phone, riddle me this..."?

With a secure connection, the authentication is already done when the pairing is done (which would not need to be done everytime, only one time to pair the devices). Then the two devices communicate through a secure encrypted channel, without needing to re-authenticate.

A better analogy is that during pairing the phone and car learns a language which only they mutually understand. Then they speak to each other in that language (each time mentioning the time and a random number so that others eavesdropping in between can't replay the same message). This part can be handled in the bluetooth layer.

However, the Tesla manual mentions the app must be open, and the reason I suspect has to do with what has been discussed. You don't want the car to unlock as soon as it hears a message from the phone. Rather, the car/phone should communicate the estimated distance between each other and if it's determined to be close enough, then it unlocks. Otherwise it doesn't.

There may also be detection done to see if the user is moving closer to the vehicle or moving away from the vehicle.

 

[FlyingKiwi]

No bluetooth pairing just takes the work of the other device. Security is the entire point of having bluetooth pairing in the first place. That's why when you get a new phone you need to pair it with the car again, even if you've transferred all the software over. What level of security is sufficient for any particular application I couldn't say.

So all of that is handled in the bluetooth stack without the need to launch any additional code? Because then it should be a simple job to turn a bluetooth LE sports watch into another key.

 

[FlyingKiwi]

With a secure connection, the authentication is already done when the pairing is done (which would not need to be done everytime, only one time to pair the devices). Then the two devices communicate through a secure encrypted channel, without needing to re-authenticate.

A better analogy is that during pairing the phone and car learns a language which only they mutually understand. Then they speak to each other in that language (each time mentioning the time and a random number so that others eavesdropping in between can't replay the same message).

So in beacon mode the phone just broadcasts its MAC id or similar in plaintext, then the car just starts transmitting encrypted packets at it without a handshake? The encryption key is static across all sessions?

 

[stopcrazypp]

So in beacon mode the phone just broadcasts its MAC id or similar in plaintext, then the car just starts transmitting encrypted packets at it without a handshake? The encryption key is static across all sessions?

Yes there would be a session key exchanged, but that is not the long term authentication that is done during pairing.

The difference in the analogy for a session key versus authentication is that a session key is more like: "let's agree to use this key when communicating in this session", it's not asking "are you dave's phone?". The part establishing if it's "dave's phone" is when you do the pairing.

Note that under this layer, Tesla's app will likely have its own authentication and keys. I doubt it is relying completely on the general Bluetooth layer only.

 

[davedavedave]

The ability to speak plain english?

What i want to know, is when you walk back to your car with your phone broadcasting "Hi everybody, i'm Daves phone", does the car just say "Hi Daves phone, i'm unlocked", or does it say "If you really are Daves phone, riddle me this..."?

Ok - I'll try it this way: yup! . There's a little more back and forth chatter between the phone and the car, both directly and through secure back-channels so that they've agreed on the right magic decode rings, so nobody else phone or other device can try to impersonate you.

BTW, this is pretty much the way that specialized key fobs have worked for over two decades now, albeit with different protocols, radio frequencies, etc. All of these technologies are FCC approved and IEEE standardized - and NHTSA approved. While it may seem like magic, and magic can be scary - there's a LOT of people designing, engineering, testing and approving this stuff. It's not like the wild-west that is the whole of the interwebs

I'll add that the main difference with the way a Bluetooth stack in the car and your phone does this is that *you* are in control of which devices are authorized to authenticate, instead of having to pay a dealer $400+ to authorize a new proprietary key fob.

 

[SageBrush]

I'll add that the main difference with the way a Bluetooth stack in the car and your phone does this is that *you* are in control of which devices are authorized to authenticate, instead of having to pay a dealer $400+ to authorize a new proprietary key fob.

Amen

 

[blckccat]

I wonder if I can use my Apple Watch Series 2 to open and start the car. It mentions that I can use an iPod for the bluetooth key feature. This would definitely give me a peace in mind as my Apple Watch will always have juice for at least two days.

 

[K-MTG]

I tend to use iPhone cases that have slots for cards in the back. Can I wireless charge without removing them? Would the Tesla key be damaged by this?

Also can’t rf cards be cloned easily?

 

[stopcrazypp]

I tend to use iPhone cases that have slots for cards in the back. Can I wireless charge without removing them? Would the Tesla key be damaged by this?

Also can’t rf cars be cloned easily?

Can't answer first questions, but the latter is not true in general. It depends on the specific technology used in the card. If the card uses a read only approach (meaning the only function happening is the data on the card is read) it is relatively easy to clone. If it has a microchip that uses a challenge/response approach, it would be very difficult to clone.

 

[FlyingKiwi]

Note that under this layer, Tesla's app will likely have its own authentication and keys. I doubt it is relying completely on the general Bluetooth layer only.

Rats. There goes my chances of getting it working on my watch.

I tend to use iPhone cases that have slots for cards in the back. Can I wireless charge without removing them? Would the Tesla key be damaged by this?

Also can’t rf cars be cloned easily?

NFC is a way of providing comms and power, the chip in the NFC card could (and hopefully does) use strong cryptography

 

[cpa]

Then, if I understand all this jibber-jabber:

About 3-4 times per year my telephone connection to the car is lost. I presume this is the dread Bluetooth connection. Thus, it is imperative to have in our possession the key cards in order to access the car and drive. Otherwise, we are toast and the car is a brick.

Then it is a matter of remembering how to get the phone to reconnect to the car (or is it the car to reconnect to the phone) when next I stop.

 

[Runt8]

Then, if I understand all this jibber-jabber:

About 3-4 times per year my telephone connection to the car is lost. I presume this is the dread Bluetooth connection. Thus, it is imperative to have in our possession the key cards in order to access the car and drive. Otherwise, we are toast and the car is a brick.

Then it is a matter of remembering how to get the phone to reconnect to the car (or is it the car to reconnect to the phone) when next I stop.

Modern Bluetooth devices don’t just lose connection. Devices with crappy Bluetooth stacks have been known to do this. I can guarantee that tesla has a decent Bluetooth stack (people’s bluetooth key fobs in the S don’t just randomly disconnect), and any decent smartphone these days won’t have any problems.

 

[davedavedave]

Then, if I understand all this jibber-jabber:

About 3-4 times per year my telephone connection to the car is lost. I presume this is the dread Bluetooth connection. Thus, it is imperative to have in our possession the key cards in order to access the car and drive. Otherwise, we are toast and the car is a brick.

Then it is a matter of remembering how to get the phone to reconnect to the car (or is it the car to reconnect to the phone) when next I stop.

Probably ALWAYS a good idea to safeguard one NFC card and keep the other one on your person - they're like master-keys. You never know when you're phone could go kerplunk, get stolen or otherwise become unavailable.

As for Bluetooth connections getting clobbered - that is strange. As Runt8 suggests - sounds like squirrelly tech to me.

 

[davedavedave]

Rats. There goes my chances of getting it working on my watch.

Actually, I'd bet that Tesla puts out an official AppleWatch app... it's trivial to implement if you've already got an iPhone app.

NFC is a way of providing comms and power, the chip in the NFC card could (and hopefully does) use strong cryptography

I read in the docs posted the other day that it's NFC-A, and have been googling up on it some - there's some crypto going on for sure, but "strong" is always a relative word. Always best to keep RFID based tech in shielded storage.... I happen to like this wallet a lot for that: Obtanium. Flips open nice and quickly but keeps the cards safe....

 

[Waiting4M3]

Actually, I'd bet that Tesla puts out an official AppleWatch app... it's trivial to implement if you've already got an iPhone app.



I read in the docs posted the other day that it's NFC-A, and have been googling up on it some - there's some crypto going on for sure, but "strong" is always a relative word. Always best to keep RFID based tech in shielded storage.... I happen to like this wallet a lot for that: Obtanium. Flips open nice and quickly but keeps the cards safe....

$139 wallet?! What forum do you think this is? MS or MX?

 

[BluestarE3]

$139 wallet?! What forum do you think this is? MS or MX?

Despite the "Obtainium" name, maybe it's actually made from Unobtainium?

 

[ModelNforNerd]

You ahve to be logged in to authenticate the bluetooth host device to the car for the first time (and add the MAC address to the authorized devices list). The cell connection is kinda moot after that.

As a key, yes....it becomes moot, as Bluetooth LE will get you in the car and rolling along.


But for any remote functions (lock, unlock, pre-condition, set charging time, etc), you'll need a data connection.

 

[ModelNforNerd]

The ability to speak plain english?

What i want to know, is when you walk back to your car with your phone broadcasting "Hi everybody, i'm Daves phone", does the car just say "Hi Daves phone, i'm unlocked", or does it say "If you really are Daves phone, riddle me this..."?

In plain English, Dave's phone tells the car, "I'm Dave's phone, and this is that encrypted character string we shared at the Tesla Store when Dave paired us"....to which the car replies "hey, man, come on in..."


Not sure I could have gone more plain than that.....LOL

 

[stopcrazypp]

As a key, yes....it becomes moot, as Bluetooth LE will get you in the car and rolling along.

But for any remote functions (lock, unlock, pre-condition, set charging time, etc), you'll need a data connection.

Actually I don't think that is necessarily true. Any "fob" actions (like lock, unlock, open trunk, open frunk) should theoretically be possible even without a data connection.

 

[Runt8]

Actually I don't think that is necessarily true. Any "fob" actions (like lock, unlock, open trunk, open frunk) should theoretically be possible even without a data connection.

Would be interesting to find out if these actions can communicated over Bluetooth In addition to the data connection. I don’t see any technical reason why this wouldn’t be the case, Tesla would just have to program the app to do it.