KeeLoq and Electronic Access Control
In real estate and vehicles there is an increasing demand for the comfort of wireless technology. Transponders, contactless smartcards and remote door openers are widely employed to replace conventional mechanical key locking systems. Our scientific analyses show, that the mechatronic locking systems – although using mature mechanical security technology – often suffer from vulnerabilities within the electronic system, the employed cryptography or conceptual weaknesses. The protection mechanisms can then often be thwarted by means of rather simple and efficient methods, such that adversaries may, e.g., copy electronic keys or deactivate alarm systems.
At the example of the KeeLoq© system – a system widely employed for garage door remotes – and many other remote keyless entry systems, history has shown that the employed protection mechanisms fail to resist determined attackers. Due to the usage of radio interfaces the impact of successful attacks are much more severe than in conventional mechanical systems, as there is no need for an attacker to have physical access to the targeted system.
On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme. Thomas Eisenbarth, Timo Kasper, Amir Moradi, Christof Paar, Mahmoud Salmasizadeh, Mohammad T. Manzuri Shalmani. 28th International Cryptology Conference — CRYPTO 2008. Santa Barbara, California, USA. PDF
Breaking KeeLoq in a Flash. Markus Kasper, Timo Kasper, Amir Moradi, Christof Paar. 2nd International Conference on Cryptology in Africa, Progress in Cryptology – AFRICACRYPT 2009. Gammarth, Tunisia. PDF
A New Remote Keyless Entry System Resistant to Power Analysis Attacks. Amir Moradi, Timo Kasper. 7th International Conference on Information, Communications and Signal Processing, ICICS 2009. Macau, China. PDF
Cryptanalysis of KeeLoq with COPACOBANA. Martin Novotny, Timo Kasper. Special-purpose Hardware for Attacking Cryptographic Systems SHARCS 2009. Lausanne, Switzerland. PDF
Torschlusspanik: Sicherheitslücken durch Seitenkanalattacken. Thomas Eisenbarth, Timo Kasper, Christof Paar. iX Magazin für professionelle Informationstechnik Ausgabe 9/2008 (German)