Sciweavers

FSE
2008
Springer

Algebraic and Slide Attacks on KeeLoq

14 years 29 days ago
Algebraic and Slide Attacks on KeeLoq
KeeLoq is a block cipher used in wireless devices that unlock the doors and alarms in cars manufactured by Chrysler, Daewoo, Fiat, GM, Honda, Jaguar, Toyota, Volvo, Volkswagen, etc [8, 9, 33, 34]. KeeLoq is inexpensive to implement and economical in gate count, yet according to Microchip [33] it should have "a level of security comparable to DES". In this paper we present several distinct attacks on KeeLoq, each of them is interesting for different reasons. First we show that when about 232 known plaintexts are available, KeeLoq is very weak and for example for 30 % of all keys the full key can be recovered with complexity of 228 KeeLoq encryptions. Then we turn our attention to algebraic attacks with the major challenge of breaking KeeLoq given potentially a very small number of known plaintexts. Our best "direct" algebraic attack can break up to 160 rounds of KeeLoq. Much better results are achieved in combination with slide attacks. Given about 216 known plaintex...
Nicolas Courtois, Gregory V. Bard, David Wagner
Added 26 Oct 2010
Updated 26 Oct 2010
Type Conference
Year 2008
Where FSE
Authors Nicolas Courtois, Gregory V. Bard, David Wagner
Comments (0)