I want to build a device that I can wire into the 12 V accessory line of my car that acts as sort of an active RFID tag. Once the device detects that the car has been turned on, it automatically sends out a signal every few seconds. A receiver detects this signal and opens the garage door. Once the car is a suitable distance outside, the signal drops out and the receiver shuts the garage door. When the car approaches, the door is automatically opened again.
I plan to use the common 315/433 MHz modules available along with the VirtualWire library. Now, the issue is that I want the system to be reasonably secure and not be susceptible to replay attacks.
My implementation plan is as follows:

1. Have a pre-shared key stored in EEPROM on both devices.
2. The PRNG on both devices is also seeded with a pre-shared value.
3. When the car module is activated, random() is called a bunch of times to generate a value the same length as the key.
4. This value is XOR'd against the key (128 bits or so?), then hashed (MD5?) and then sent over RF every second or so.
5. When the base station detects a transmission, it does the same calculation and compares the hashes. If the hashes match, then the door is opened. This also starts a timer. If no additional transmission is detected in a certain amount of time, it is concluded that the car has gone out of range, the door is signaled to close and a new hash is calculated.

- The receiver then waits. When the car comes back into range, it will receive the old hash; when this is detected, it will send out a signal for the car to generate the next hash value.
- The car, receiving this, computes the next value in the hash chain and begins transmitting this instead. If this matches the receiver computation, the door opens again.
- Car is turned off, signal lost, repeat...
Is there a better way to do this? I don't know a lot about crypto. How are challenge/response requests usually handled? Is it possible to sync the state of the PRNG between the two devices, so that even if one or the other loses power they will still generate the same numbers? I.e., can you save the 'state' of the PRNG to EEPROM and load it back up?
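
One common construction for the challenge/response asked about above, as an added example that is not part of the original post: the base station sends a fresh random nonce and the car answers with an HMAC over it under the pre-shared key. It is a Python model of the exchange rather than Arduino firmware; the class names, the nonce and tag lengths, and the sample key are assumptions.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # bytes of challenge (assumed size)
TAG_LEN = 16    # HMAC-SHA256 tag truncated to keep the RF frame short (assumed size)


def tag(key: bytes, nonce: bytes) -> bytes:
    """Response both sides compute: truncated HMAC-SHA256 over the challenge."""
    return hmac.new(key, nonce, hashlib.sha256).digest()[:TAG_LEN]


class BaseStation:
    """Garage side: issues challenges and checks responses."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = None  # the one challenge currently outstanding

    def challenge(self) -> bytes:
        # A fresh unpredictable nonce per attempt; no state is shared with the car.
        self.pending = secrets.token_bytes(NONCE_LEN)
        return self.pending

    def verify(self, response: bytes) -> bool:
        # Consume the challenge first so it can never be answered twice.
        nonce, self.pending = self.pending, None
        if nonce is None:
            return False
        # Constant-time comparison of expected and received tags.
        return hmac.compare_digest(tag(self.key, nonce), response)


class CarModule:
    """Car side: only needs the pre-shared key."""

    def __init__(self, key: bytes):
        self.key = key

    def respond(self, nonce: bytes) -> bytes:
        return tag(self.key, nonce)


def demo():
    key = bytes(range(16))  # constructed sample key, stands in for the EEPROM value
    base, car = BaseStation(key), CarModule(key)
    recorded = car.respond(base.challenge())  # what a listener could capture
    opened = base.verify(recorded)            # genuine exchange
    base.challenge()                          # next approach, new nonce
    replayed = base.verify(recorded)          # captured response sent again
    unsolicited = base.verify(recorded)       # response with no challenge outstanding
    return opened, replayed, unsolicited
```

Because freshness comes from the base station's nonce, neither device has to keep a PRNG state in sync with the other or restore one after a power loss.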