We present the first simple power analysis (SPA) of software implementations of KeeLoq. Our attack drastically reduces the effort required for a complete break of remote keyless entry (RKE) systems based on KeeLoq. We analyze implementations of KeeLoq on microcontrollers and exploit timing vulnerabilities to develop an attack that allows for a practical key recovery within seconds of computation time, thereby significantly outperforming all existing attacks: a single measurement of a section of a KeeLoq decryption is sufficient to extract the 64-bit master key of commercial products, without prior knowledge of either plaintext or ciphertext. We further introduce techniques for effectively realizing an automatic SPA and a method for circumventing a simple countermeasure, which can also be applied to analyzing other implementations of cryptography on microcontrollers.