Linear slide attacks on the KeeLoq block cipher

Andrey Bogdanov

Linear slide attacks on the KeeLoq block cipher

Andrey Bogdanov

Ruhr University Bochum

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

KeeLoq is a block cipher used in numerous widespread passive entry and remote keyless entry systems as well as ill various component identification applications. The KeeLoq algorithm has a 64-bit key and operates on 32-bit blocks. It is based oil all NLFSR with a nonlinear feedback function of 5 variables. In this paper new key recovery attacks on KeeLoq are proposed. The first one has a complexity of about 2(50.6) KeeLoq encryptions. The second attack finds the key in 2(37) encryptions and works for the whole key space. In our attacks we use the techniques of guess-and-determine, slide, and linear attacks as well as cycle structure analysis. Both attacks need 2(32) known plaintext-ciphertext pairs. We also analyze the KeeLoq key management and authentication protocols applied in rolling-code and IFF access systems widely used in real-world applications. We demonstrate several practical vulnerabilities.

Original language	English
Title of host publication	Information Security and Cryptology
Publisher	Springer
Publication date	2008
Pages	66-80
ISBN (Print)	978-3-540-79498-1
ISBN (Electronic)	978-3-540-79499-8
Publication status	Published - 2008
Externally published	Yes
Event	3rd SKLOIS Conference, Inscrypt 2007 - Xining, China Duration: 31 Aug 2007 → 5 Sep 2007

Conference

Conference	3rd SKLOIS Conference, Inscrypt 2007
Country/Territory	China
City	Xining
Period	31/08/2007 → 05/09/2007

Series	Lecture Notes in Computer Science
Volume	4990
ISSN	0302-9743

OpenUrl availability

Full text

Cite this

@inproceedings{5a20ba4a3d4841ecb1e382a657b6aac2,

title = "Linear slide attacks on the KeeLoq block cipher",

abstract = "KeeLoq is a block cipher used in numerous widespread passive entry and remote keyless entry systems as well as ill various component identification applications. The KeeLoq algorithm has a 64-bit key and operates on 32-bit blocks. It is based oil all NLFSR with a nonlinear feedback function of 5 variables. In this paper new key recovery attacks on KeeLoq are proposed. The first one has a complexity of about 2(50.6) KeeLoq encryptions. The second attack finds the key in 2(37) encryptions and works for the whole key space. In our attacks we use the techniques of guess-and-determine, slide, and linear attacks as well as cycle structure analysis. Both attacks need 2(32) known plaintext-ciphertext pairs. We also analyze the KeeLoq key management and authentication protocols applied in rolling-code and IFF access systems widely used in real-world applications. We demonstrate several practical vulnerabilities.",

author = "Andrey Bogdanov",

year = "2008",

language = "English",

isbn = "978-3-540-79498-1",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "66--80",

booktitle = "Information Security and Cryptology",

note = "3rd SKLOIS Conference, Inscrypt 2007 ; Conference date: 31-08-2007 Through 05-09-2007",

}

TY - GEN

T1 - Linear slide attacks on the KeeLoq block cipher

AU - Bogdanov, Andrey

PY - 2008

Y1 - 2008

N2 - KeeLoq is a block cipher used in numerous widespread passive entry and remote keyless entry systems as well as ill various component identification applications. The KeeLoq algorithm has a 64-bit key and operates on 32-bit blocks. It is based oil all NLFSR with a nonlinear feedback function of 5 variables. In this paper new key recovery attacks on KeeLoq are proposed. The first one has a complexity of about 2(50.6) KeeLoq encryptions. The second attack finds the key in 2(37) encryptions and works for the whole key space. In our attacks we use the techniques of guess-and-determine, slide, and linear attacks as well as cycle structure analysis. Both attacks need 2(32) known plaintext-ciphertext pairs. We also analyze the KeeLoq key management and authentication protocols applied in rolling-code and IFF access systems widely used in real-world applications. We demonstrate several practical vulnerabilities.

AB - KeeLoq is a block cipher used in numerous widespread passive entry and remote keyless entry systems as well as ill various component identification applications. The KeeLoq algorithm has a 64-bit key and operates on 32-bit blocks. It is based oil all NLFSR with a nonlinear feedback function of 5 variables. In this paper new key recovery attacks on KeeLoq are proposed. The first one has a complexity of about 2(50.6) KeeLoq encryptions. The second attack finds the key in 2(37) encryptions and works for the whole key space. In our attacks we use the techniques of guess-and-determine, slide, and linear attacks as well as cycle structure analysis. Both attacks need 2(32) known plaintext-ciphertext pairs. We also analyze the KeeLoq key management and authentication protocols applied in rolling-code and IFF access systems widely used in real-world applications. We demonstrate several practical vulnerabilities.

M3 - Article in proceedings

SN - 978-3-540-79498-1

T3 - Lecture Notes in Computer Science

SP - 66

EP - 80

BT - Information Security and Cryptology

PB - Springer

T2 - 3rd SKLOIS Conference, Inscrypt 2007

Y2 - 31 August 2007 through 5 September 2007

ER -

Linear slide attacks on the KeeLoq block cipher

Abstract

Conference

OpenUrl availability

Fingerprint

Cite this