Physical Cryptanalysis

A complete break of the KeeLoq access control system.

The KeeLoq encryption algorithm is widely used in security-relevant applications, in the form of passive Radio Frequency Identification (RFID) transponders for physical access control systems, e.g., garage door openers or building access.

We present the first successful DPA (Differential Power Analysis) attacks on numerous commercially available products employing KeeLoq. These so-called side-channel attacks are based on measuring and evaluating the power consumption of a KeeLoq device during its operation. Using our techniques, an attacker can reveal not only the secret key of remote controls in less than one hour, but also the manufacturer key of the corresponding receivers in less than one day. Knowing the manufacturer key allows for creating an arbitrary number of valid new keys and generating new remote controls.
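The paragraph above states that the attack works by correlating a device's power consumption with the data it processes, but does not show why an unprotected implementation leaks or what a countermeasure changes. The simulation below is an added illustration written for this page; it is not code from the KeeLoq project or from the authors of the attack. It uses a constructed toy 8-bit S-box (the PRESENT 4-bit S-box applied to both nibbles, standing in for any non-linear cipher step; not KeeLoq's own non-linear function), models each "power trace" as the Hamming weight of the intermediate value plus Gaussian noise, and runs a correlation power analysis over all 256 key-byte hypotheses. It then repeats the exercise against a first-order masked device, which only ever handles the intermediate XORed with a fresh random mask, to show that the same leakage no longer correlates with any key hypothesis.

```python
import random

# PRESENT 4-bit S-box, applied to both nibbles to build a toy 8-bit non-linear map.
# Constructed stand-in for the purpose of this example; it is NOT KeeLoq's NLF.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def toy_sbox(x):
    return (PRESENT_SBOX[x >> 4] << 4) | PRESENT_SBOX[x & 0xF]


def hamming_weight(x):
    return bin(x).count("1")


def simulate_traces(key, n_traces, noise_sigma=1.0, masked=False, seed=1):
    """Return (plaintexts, leakages) for a simulated device.

    Each leakage sample models the power drawn when the device stores the
    S-box output: its Hamming weight plus Gaussian measurement noise.
    With masked=True the device only ever handles S(p ^ key) ^ m for a fresh
    random mask m per operation, which is what a first-order masked
    implementation exposes to the measurement.
    """
    rng = random.Random(seed)
    pts, leak = [], []
    for _ in range(n_traces):
        p = rng.randrange(256)
        v = toy_sbox(p ^ key)
        if masked:
            v ^= rng.randrange(256)       # fresh mask, never reused
        pts.append(p)
        leak.append(hamming_weight(v) + rng.gauss(0.0, noise_sigma))
    return pts, leak


def pearson(xs, ys):
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / (vx * vy) ** 0.5


def cpa_attack(pts, leak):
    """Correlation power analysis over one key byte.

    For every hypothesis g, predict the Hamming weight of S(p ^ g) for each
    trace and correlate it with the measured leakage. Returns
    (best_guess, best_abs_correlation). On an unprotected device the true key
    stands out; on a masked device every hypothesis correlates about equally
    badly, so the top value is just noise.
    """
    best_guess, best_corr = None, -2.0
    for g in range(256):
        hyp = [hamming_weight(toy_sbox(p ^ g)) for p in pts]
        c = abs(pearson(hyp, leak))
        if c > best_corr:
            best_guess, best_corr = g, c
    return best_guess, best_corr


def demo(key=0x5A, n_traces=500):
    """Run CPA against an unmasked and a masked simulated device."""
    pts, leak = simulate_traces(key, n_traces, masked=False)
    unmasked = cpa_attack(pts, leak)
    pts, leak = simulate_traces(key, n_traces, masked=True)
    masked = cpa_attack(pts, leak)
    return {"key": key, "unmasked": unmasked, "masked": masked}


if __name__ == "__main__":
    r = demo()
    print("true key byte: 0x%02X" % r["key"])
    print("unmasked device -> guess 0x%02X, |corr| %.2f" % r["unmasked"])
    print("masked device   -> guess 0x%02X, |corr| %.2f" % r["masked"])
```

With noise of standard deviation 1 and a uniformly distributed 8-bit intermediate (Hamming-weight variance 2), the correct hypothesis on the unmasked device yields a correlation near sqrt(2/3) ≈ 0.8 after a few hundred traces, while every hypothesis against the masked device stays at the level of statistical noise. This is the reason first-order DPA succeeds against an unprotected KeeLoq implementation and why masking (or another countermeasure that decorrelates the handled data from the secret) is the defence an implementer reaches for.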

We further propose a new eavesdropping attack for which monitoring two ciphertexts, sent from a remote control employing KeeLoq code hopping (car key, garage door opener, etc.), is sufficient to recover the device key of the remote control. Hence, using the methods we describe, an attacker can clone a remote control from a distance and gain access to a target that is protected by the supposedly "highly secure" KeeLoq algorithm.

We consider our attacks to be of serious practical interest, as commercial KeeLoq access control systems can be overcome with modest effort.