Digital Vehicle Key
The interactive CCC Digital Key 3.0 simulator.
Here is a summary of the latest refinements:
Recipient "Key Sharing" View:
◦ Updated DVK the Phone Simulator to allow switching between Owner Mode and Recipient Mode.
◦ Recipients can now enter a Redemption Token (e.g., CCC-DK-v3-guest123) to provision a shared key into their Secure Element simulation.
◦ This implements the "out-of-band" provisioning flow described in the CCC 3.0 specification.
Valet Mode Integration:
◦ Added a toggle in the Phone Wallet's connection panel.
◦ When active, the Vehicle Simulator displays a VALET RESTRICTED status.
◦ Added SE logs to simulate the transmission of speed restriction (e.g., 60 km/h) and cabin lockdown payloads.
Android Hardware Compatibility:
Vite Legacy: Configured to support Android 5+.
◦ Capacitor Plugins: Corrected the dependencies for @capgo/capacitor-native-biometric and @aparajita/capacitor-secure-storage to ensure hardware-level security features (Biometrics and Secure Enclave) are correctly mapped to the native Android implementation.
◦ Native Sync: Synchronized the project with the Android platform (sync), confirming all 3 core security plugins are active.
Protocol Depth:
◦ Enhanced the NFC HCE (Host Card Emulation) simulation with detailed APDU logs (SELECT, AUTH_CHALLENGE, SIGNATURE_RESPONSE) to visualize the low-level ISO 7816-4 communication.
How to test the new features:
• Redeem a Shared Key: Open DVK the Phone Simulator, click "No Key Provisioned" (or delete your current key), click "I have an invitation token," and enter any token starting with CCC-DK-.
• Trigger Valet Mode: Once a key is provisioned, scroll to the "Connection Protocols" section in DVK Simulator and toggle Valet Mode. Notice the indicator appear on the vehicle.
• Express Mode: Use the "Dead Battery" scenario and tap the green NFC icon on the vehicle door handle to see the detailed cryptographic handshake.
DVK simulator now provides a complete end-to-end demonstration of the CCC 3.0 ecosystem, from initial owner pairing to secure guest sharing and hardware-backed relay attack mitigation.
The Relay Attack Mitigation logic and the CCC Digital Key visual interface.
1. Premium Digital Key Visuals
The key card in DVK Simulator now looks like a high-end automotive wallet card with:
• Dynamic Signal Dots: Real-time pulses for BLE (Blue), UWB (Cyan), and NFC (Green).
• Security Shield: A pulsing "Relay Protection" icon that appears when UWB distance bounding is active.
• Tech Badges: Indicators for UWB and NFC that illuminate based on hardware state.
2. Relay Attack Mitigation Logic
DVK simulator now demonstrates how UWB Time-of-Flight (ToF) prevents vehicle theft:
• The Attack: When "Relay Attack" is active, the attacker amplifies the BLE signal. The phone sees a strong RSSI and thinks it's close to the car.
• The Defense: The car triggers a UWB Distance Bounding check. It sends pulses at the speed of light and measures the Round-Trip Time (RTT).
• The Mitigation: Even if the signal is amplified, the electronics in the relay device add ~100ns of delay. The car calculates this as being 30+ meters away, detects the discrepancy between BLE strength and UWB distance, and aborts the unlock.
3. Native Code Integration
I have added the Android HCE (Host Card Emulation) service. This is the "brain" that allows the car's NFC reader to talk to your phone's Secure Element even when the screen is off (Express Mode).
How to Trigger the Relay Attack Simulation:
1. In DVK Simulation Control Center (middle-right panel), look at the Automated Scenarios.
2. Click "2. Relay Attack Mitigation".
3. Watch the Protocol Engine (right panel):
◦ You will see the BLE connection succeed.
◦ The UWB Distance Bounding step will turn Red.
◦ The ToF visualizer will show the "Relay Delay" being detected, and the vehicle will remain Locked.
Vehicles Update
1. I have updated the DVK simulator to support multiple vehicle manufacturers as requested. You can now toggle between American manufacturers (Tesla, Ford, GM) and Japanese brands (Honda, Nissan, Toyota) directly from the Control Center.
2. Manufacturer Selector: Added a new selection grid in the Scenario Selector component to switch vehicles.
3. UI Sync:
◦ The Vehicle Simulator header now displays the selected brand (e.g., "Simulated Vehicle: HONDA").
◦ The Digital Key Card in the phone wallet dynamically updates its brand badge.
◦ System Logs now reflect the specific manufacturer for BLE advertisements and engine ignition (e.g., "Ford advertisement packet detected").
4. American Manufacturers: Included GM alongside Tesla and Ford to broaden the "American manufacture" representation.
You can now test scenarios like "Relay Attack Mitigation" or "Passive Entry" specifically for a Toyota or a Ford by selecting them in the Simulation Control Center.
Vehicles Dynamic Branding Updates
1. Dynamic Branding: The "VOLT-X" placeholder has been replaced with a dynamic manufacturer state across the entire application.
2. Manufacturer Selector: Added a new selection grid in the Scenario Selector components' to switch vehicles.
3. UI Sync:
◦ The Vehicle Simulator header now displays the selected brand (e.g., "Simulated Vehicle: HONDA").
◦ The Digital Key Card in the phone wallet dynamically updates its brand badge.
◦ System Logs now reflect the specific manufacturer for BLE advertisements and engine ignition (e.g., "Ford advertisement packet detected").
4. American Manufacturers: Included GM alongside Tesla and Ford to broaden the "American manufacture" representation.
You can now test scenarios like "Relay Attack Mitigation" or "Passive Entry" specifically for a manufacture-x by selecting them in the Simulation Control Center.
Features in the CCC Digital Key 3.0 simulator:
1. Detailed "Express Mode" NFC Simulation:
◦ Updated App to simulate a full ISO 7816-4 APDU exchange when tapping the phone via NFC.
◦ Added specific logs for SELECT CCC DK AID, dynamic authentication challenges, and hardware-backed signature verification (Sig using K_device_priv).
◦ Enhanced the "Dead Battery" scenario to reflect low-power Express Mode transactions where the Secure Element remains active via LMA (Load Modulation Amplitude).
2. Expanded Key Sharing:
◦ Updated the SharedKey interface to support expiryTimestamp and invitationToken.
◦ Enhanced the sharing logic in PhoneSimulator.tsx to calculate expiration times (1h, 2h, 24h, 7d) and generate unique signed provisioning tokens (CCC-DK-v3-...).
◦ Added UI indicators for expired keys and token previews in the Wallet view.
3. Consistency and Security Branding:
◦ Ensured consistent state management for shared keys across App.tsx and PhoneSimulator.tsx.
◦ Added visual feedback for expired guest keys to simulate real-world persistence logic.
The interactive CCC Digital Key 3.0 simulator.
Here is a summary of the latest refinements:
Recipient "Key Sharing" View:
◦ Updated DVK Simulator to allow switching between Owner Mode and Recipient Mode.
◦ Recipients can now enter a Redemption Token (e.g., CCC-DK-v3-guest123) to provision a shared key into their Secure Element simulation.
◦ This implements the "out-of-band" provisioning flow described in the CCC 3.0 specification.
Valet Mode Integration:
◦ Added a toggle in the Phone Wallet's connection panel.
◦ When active, the Vehicle Simulator displays a VALET RESTRICTED status.
◦ Added SE logs to DVK simulate the transmission of speed restriction (e.g., 60 km/h) and cabin lockdown payloads.
Android Hardware Compatibility:
◦ Vite Legacy: Configured vite config to support Android 5+ using plugin-legacy.
◦ Capacitor Plugins: Corrected the dependencies for @capgo/capacitor-native-biometric and @aparajita/capacitor-secure-storage to ensure hardware-level security features (Biometrics and Secure Enclave) are correctly mapped to the native Android implementation.
◦ Native Sync: Synchronized the full project with the Android platform (sync), confirming all 3 core security plugins are active.
Protocol Depth:
◦ Enhanced the NFC HCE (Host Card Emulation) simulation with detailed APDU logs (SELECT, AUTH_CHALLENGE, SIGNATURE_RESPONSE) to visualize the low-level ISO 7816-4 communication.
How to test the new features:
• Redeem a Shared Key: Open the Phone DVK , click "No Key Provisioned" (or delete your current key), click "I have an invitation token," and enter any token starting with CCC-DK-.
• Trigger Valet Mode: Once a key is provisioned, scroll to the "Connection Protocols" section in the Phone DVK and toggle Valet Mode. Notice the indicator appear on the vehicle.
• Express Mode: Use the "Dead Battery" scenario and tap the green NFC icon on the vehicle door handle to see the detailed cryptographic handshake.
Released Updated For Mobile|Desktop|Auto view buttons
NEXT UPDATES .......
The DVK Simulator added "Other..." button for Manufacturer-X grid.
To select a brand not listed:
1. Click the "Other..." button in the Vehicle Manufacturer section.
2. A text box will appear.
3. Type the name of the manufacturer (e.g., "BMW" or "Rivian").
4. The simulator UI and logs will immediately update to reflect the new vehicle branding.
Biometric App Lock that triggers at launch.
Key Features:
Launch Lock Screen: A professional, full-screen overlay prevents any access to the simulator or keys until the user verifies their identity.
Simulated Native Integration: While running in a browser environment, it simulates the logic of calling the Biometric plugin in Android smart phone, this ties directly into the system's FaceID or Fingerprint scanner.
Automatic Status Update: Successful verificatiXxxon not only unlocks the app but also sets the "Biometric Authenticated" state globally, allowing for subsequent UWB ranging operations without re-authenticating.
The app will show a "App Locked" screen every time it loads or when the manufacturer is changed (simulating a security session reset).
No comments:
Post a Comment