Slide Attacks with a Known-Plaintext Cryptanalysis
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Analytic Combinatorics
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Sliding properties of the DES key schedule and potential extensions to the slide attacks
ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
About the XL algorithm over GF(2)
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
An analysis of the Hermes8 stream ciphers
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Algebraic cryptanalysis of the data encryption standard
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
General principles of algebraic attacks and new design criteria for cipher components
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
The inverse s-box, non-linear polynomial relations and cryptanalysis of block ciphers
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Applications of SAT solvers to cryptanalysis of hash functions
SAT'06 Proceedings of the 9th international conference on Theory and Applications of Satisfiability Testing
Perfect block ciphers with small blocks
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Reflection Cryptanalysis of Some Ciphers
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Breaking KeeLoq in a Flash: On Extracting Keys at Lightning Speed
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
Practical Algebraic Attacks on the Hitag2 Stream Cipher
ISC '09 Proceedings of the 12th International Conference on Information Security
Crypto Engineering: Some History and Some Case Studies
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Dismantling SecureMemory, CryptoMemory and CryptoRF
Proceedings of the 17th ACM conference on Computer and communications security
Fast exhaustive search for polynomial systems in F2
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Algebraic side-channel analysis in the presence of errors
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
PET SNAKE: a special purpose architecture to implement an algebraic attack in hardware
Transactions on computational science X
An improvement of linearization-based algebraic attacks
InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology
Random permutation statistics and an improved slide-determine attack on keeloq
Cryptography and Security
Self-similarity attacks on block ciphers and application to keeloq
Cryptography and Security
Cube cryptanalysis of hitag2 stream cipher
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Algebraic cryptanalysis of the round-reduced and side channel analysis of the full PRINTCipher-48
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Gone in 360 seconds: Hijacking with Hitag2
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Fundamenta Informaticae - Cryptology in Progress: 10th Central European Conference on Cryptology, Będlewo Poland, 2010
Light-weight primitive, feather-weight security: a cryptanalytic knock-out
Proceedings of the Workshop on Embedded Systems Security
| Hi-index | 0.00 |
KeeLoq is a block cipher used in wireless devices that unlock the doors and alarms in cars manufactured by Chrysler, Daewoo, Fiat, GM, Honda, Jaguar, Toyota, Volvo, Volkswagen, etc [8,9,33,34]. KeeLoq is inexpensive to implement and economical in gate count, yet according to Microchip [33] it should have "a level of security comparable to DES".In this paper we present several distinct attacks on KeeLoq, each of them is interesting for different reasons. First we show that when about 232known plaintexts are available, KeeLoq is very weak and for example for 30% of all keys the full key can be recovered with complexity of 228KeeLoq encryptions. Then we turn our attention to algebraic attacks with the major challenge of breaking KeeLoq given potentially a very small number of known plaintexts.Our best "direct" algebraic attack can break up to 160 rounds of KeeLoq. Much better results are achieved in combination with slide attacks. Given about 216known plaintexts, we present a slide-algebraic attack that uses a SAT solver with the complexity equivalent to about 253KeeLoq encryptions. To the best of our knowledge, this is the first time that a full-round real-life block cipher is broken using an algebraic attack.