1. The algorithm requires two-way communication. In a simple signaling (which shall be opened by the grabber) the data flow is unidirectional: the key FOB transmitter in the base unit receiver.
1.1 If we have a two-way channel that prevents use of normal cryptographic authentication protocols? Logic podskazyvet that modern signaling and done. A specific model will not name, very interesting. Manufacturers somehow hiding information about its protocols.
2. Passwords need not just in order but randomly (but making sure there was no repetition). Otherwise the following attack:
— The victim takes the car with the alarm. Keychain starts a session. The signaling prompts for a password number 100500. Keychain says the password and the command. Remember the number of.
— The victim gets in the car and go, follow it.
The victim puts the car on the alarm. Keychain starts a session. Put the hindrance, the base hears nothing.
Pretend to be a base and the required password number 100501. Keychain says the password and the command. Recordable.
The victim sees that nothing happened, and then he presses the button. Keychain starts a session. Again put the obstacle base again hears nothing.
Pretend to be a base and the required password number 100502. Keychain says the password and the command. Recordable.
Pretend to be a FOB and start the session. Database prompts for a password number 100501. Spoken password and command.
— The machine is armed, the victim leaves.
Pretend to be a FOB and start the session. Database prompts for a password number 100502. Spoken password and command. Our machine.
3. The keychain is poorly protected from copying. It's one thing to store a 128-bit key protected memory inside the crypto processor and the other hundreds of KB-megabytes of disposable keys. You will need an external flash drive, which can be easily read.
4. What to do when the keys still end? To reprogram the alarm? To generate a new one? And how them then to the FOB to fill? You should carefully consider this point.
5. How will the procedure of adding a new FOB?
In General the idea is good and with proper implementation will work reliably. But the devil, as always, in the details :)