Cryptanalysis of KeeLoq with COPACOBANA - CiteSeerX

Cryptanalysis of KeeLoq with COPACOBANA - CiteSeerX

Cryptanalysis of KeeLoq with COPACOBANA Martin Novotn´ y1 and Timo Kasper2 1 Faculty of Information Technology Czech Technical University in Prague Ko...

103KB Sizes 0 Downloads 5 Views

Recommend Documents

copacobana: reconfigurable computing in cryptanalysis
Nov 6, 2012 - http://www.maximrio.com/Images/copacabana/copacabana_beach_1.jpg. □. Key search layout and Deep Crack im

Cryptanalysis of White-Box DES Implementations with - CiteSeerX
Cryptanalysis of White-Box DES. Implementations with Arbitrary External. Encodings. Brecht Wyseur1, Wil Michiels2, Paul

Linear Hulls with Correlation Zero and Linear Cryptanalysis of Block
denote a balanced Feistel cipher counting i rounds and with φ an invertible function, cf. Fig. 2. Theorem 1 (Zero-corre

Crane: A Cryptanalysis Environment
können die Nullhypothese somit nicht verwerfen. □ ... Test eine Verwerfung ergeben, obwohl die Nullhypothese stimmt,

Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel
Abstract. Cryptanalysis of symmetric and asymmetric ciphers is computationally extremely de- manding. Since the security

Cryptanalysis of the Tiger Hash Function⋆
Cryptanalysis of the Tiger Hash Function⋆. Florian Mendel and Vincent Rijmen. Institute for Applied Information Proces

Quantum Cryptanalysis - DROPS - Schloss Dagstuhl
Serge Fehr, Michele Mosca, Martin Rötteler, Rainer Steinwandt ..... Joint work of Childs, Andrew M.; Kothari, Robin; Oz

Communication with Saudis - CiteSeerX
major cultural differences, this paper helps the reader understand how different concepts of time, the relevance of stat

Walking with video - CiteSeerX
homes', I used a method I have called the 'video tour'. (Pink 2004, 2005),7 whereby I walked around their homes with my

Prevalence of infection with carcinogenic human - CiteSeerX
ery Research Unit, Father Sean O'Sullivan Research Centre, St. Joseph's Hospital,. Hamilton, Ont. Ms. Karwalajtys and Dr

Cryptanalysis of KeeLoq with COPACOBANA Martin Novotn´ y1 and Timo Kasper2 1 Faculty of Information Technology Czech Technical University in Prague Kolejn´ı 550/2 160 00 Praha 6, Czech Republic email: [email protected] 2 Embedded Security Group Ruhr-University Bochum Universit¨ atsstrasse 150, 44801 Bochum, Germany email: [email protected]

Abstract. Many real-world car door systems and garage openers are based on the KeeLoq cipher. Recently, the block cipher has been extensively studied. Several attacks have been published, including a complete break of a KeeLoq access control system. It is possible to instantly override the security of all KeeLoq code-hopping schemes in which the secret key of a remote-control is derived from its serial number. The latter can be intercepted from the communication between a receiver and a transmitter. In contrast, if a random SEED is used for the key derivation, the cryptanalysis demands for higher computation power and may become infeasible with a standard PC. In this paper we develop a hardware architecture for the cryptanalysis of KeeLoq. Our brute-force attack, implemented on the Cost-Optimized Parallel Code-Breaker COPACOBANA, is able to reveal the secret key of a remote control in less than 0.5 seconds if a 32-bit seed is used and in less than 6 hours in case of a 48-bit seed. To obtain reasonable cryptographic strength against this type of attack, a 60-bit seed has to be used, for which COPACOBANA needs in the worst case about 1011 days for the key recovery. However, the attack is arbitrarily parallelizable and could thus be run on multiple COPACOBANAs to decrease the attack time.

Keywords: KeeLoq, COPACOBANA, cryptanalysis

1

Introduction

Electronic car or garage opening systems consist of remote controls, which replace traditional keys, and receivers which control the door.

Synchronization Counter Discrimination Value Func

32

Device Key

64

KEELOQ encryption 32 Hopping Code

Fig. 1: KeeLoq encryption.

On having its button pressed a remote sends a hopping code to the receiver to open or close the door. A hopping code is generated by a KeeLoq encryption incorporating a 16-bit counter value, a 12-bit discrimination value and a 4-bit function value, as shown in Figure 1. While the counter is incremented in the remote each time a hopping code is generated, the discrimination and function values remain constant. To obtain the device key on the side of the receiver, the serial number of the remote is either decrypted with a manufacturer key or xored with the manufacturer key, as shown in Figure 2 and in Figure 3a. Alternatively, a randomly generated seed value may by combined with the serial number for the key derivation. For the latter, Microchip proposes three scenarios: a) 28 bits of the serial number (N) are combined with 32 bits of the random seed (S) according to the pattern 0x0NNNNNNNSSSSSSSS (Scenario 2 in Figure 3b), b) 12 bits of the serial number are combined with 48 bits of the seed in the pattern 0x0NNNSSSSSSSSSSSS (Scenario 3 in Figure 3c), c) 60 bits of the seed in the pattern 0x0SSSSSSSSSSSSSSS (Scenario 4 in Figure 3d). Since the KeeLoq cipher has been extensively studied [1], [2], [3], several different types of attack have been proposed. The attack described in [3] reveals the manufacturer key by means of power analysis. As the manufacturer key is shared by all devices of the same producer and since many commercial products derive the device keys from their serial numbers only (without using a seed), breaking the

Serial Number / SEED 32

KEELOQ decryption/ /XOR

32

Manufacturer Key 64

32

Device Key MS 32 bits

64

KEELOQ decryption/ /XOR 32

Device Key LS 32 bits

Fig. 2: Device key generation.

system is straightforward — the serial number is intercepted from the communication between the remote and the receiver, and the secret key of the remote is derived (Scenario 1 in Figure 3a). The goal of this work is finding the correct Device Key when random seed is used for device key generation (Scenarios 2 through 4 in Figure 3). As illustrated in Figure 2, the 32 most significant bits (MSB) of the device key are derived from the higher 32 bits of the input value, while the lower 32 bits are generated from the lower 32 bits of the input. If a random seed is used, lower 32 bits of the device key are always random, while upper 32 bits may have either a fixed value (Scenario 2), or one of 216 potential values (Scenario 3), or one of 228 potential values (Scenario 4). Consequently, when implementing a brute-force attack, each combination of 32 MSBs of the device key may be precomputed in software and then combined with all 232 combinations of 32 LSBs (generated in hardware by a counter), until the correct value of the device key is found.

2

KeeLoq Breaker

To break the cipher we need to intercept two hopping codes of the same device, generated from the same device key. Such hopping codes are generated from identical discrimination and function values, but from different counter values (see Figure 1). However, the difference

Serial Number

0h Serial Number – 28 bits

32

KEELOQ decryption/ /XOR

32

32

Manufacturer Key 64

64

KEELOQ decryption/ /XOR

32

SEED – 32 bits

KEELOQ decryption/ /XOR

32

Manufacturer Key 64

64

32

32

KEELOQ decryption/ /XOR 32

Device Key MS 32 bits

Device Key LS 32 bits

Device Key MS 32 bits

Device Key LS 32 bits

Precomputed in SW

Precomputed in SW

Precomputed in SW

Generated in HW

(a) Scenario 1

0h SN – 12 b

SEED – 48 bits

32

KEELOQ decryption/ /XOR

(b) Scenario 2

0h 32

Manufacturer Key 64

64

32

KEELOQ decryption/ /XOR 32

SEED – 60 bits 32

KEELOQ decryption/ /XOR

32

Manufacturer Key 64

64

32

KEELOQ decryption/ /XOR 32

Device Key MS 32 bits

Device Key LS 32 bits

Device Key MS 32 bits

Device Key LS 32 bits

Precomputed in SW

Generated in HW

Precomputed in SW

Generated in HW

(c) Scenario 3

(d) Scenario 4

Fig. 3: Scenarios for device key generation.

between the counter values will be small, if the two consecutive (or almost consecutive) hopping codes are intercepted. We implemented a brute-force attack on KeeLoq on the parallel computation cluster COPACOBANA [4]. This cluster has been designed to support cryptanalytical calculations. The cluster is equipped with 120 low-cost Xilinx Spartan3-1000 FPGAs, which communicate with the host computer via the controller board. Note, that it is possible to employ several COPACOBANAs in order to further increase the performance. The diagram of the circuit implemented in each FPGA is shown in Figure 4. A candidate for the device key is found by means of

Hopping Code #1

KEELOQ decryption

Counter1

Hopping Code #2

Device Key Generator

Discrim1

F1

(Counter2 – Counter1) < 7 ?

KEELOQ decryption

Counter2

Discrim1

F2

Discrim1F1 == Discrim2F2 ?

KEY CANDIDATE Fig. 4: KeeLoq breaker.

exhaustive key-search, if the decryptions of two intercepted hopping codes reveal identical discrimination values and moderately increased counter values. The core of the implementation is a Device Key Generator consisting of a 32-bit register and a 32-bit counter. The register holds 32 MSBs of the device key (being precomputed in software and assigned by the host computer), while the counter is repeatedly increased to generate all possible values for the lower 32 bits of the device key. If all counter-values have been generated, and no key candidate has been found, the FPGA is assigned with the new value of upper 32 bits of the key. A KeeLoq decryption is executed in 132 rounds. In our optimized implementation we unrolled both decryption units into a pipeline structure. Each path of the pipeline consists of 176 stages, i.e., each stage contains 4 rounds of the cipher (the number of stages was limited by available resources). The KeeLoq breaker occupies 6423 out of 7680 slices (83%) of the Xilinx Spartan 3-1000 FPGA. The maximum achievable clock frequency for the COPACOBANA was 110 MHz, i.e., each FPGA can test up to 110 million keys per second.

SEED length (bits) 32 48 60

1 FPGA 1 COPACOBANA 100 COPACOBANAs (< 80 $) (< 10000 $) (< 1000000 $) 39 secs 0.33 secs 3.3 msecs 29.6 days 5.9 hours 213 secs 332 years 1011 days 10.1 days

Table 1: Worst case times for the brute force attack on KeeLoq

3

Results and Conclusions

When a 32-bit seed is used, up to 232 potential values of the device key need to be tested, in order to find the correct one. This 232 takes 120×110·10 6 ≈ 0.33 seconds on one COPACOBANA in the worst case. Finding the correct device key in case of a 48-bit seed takes 248 up to 120×110·10 6 seconds ≈ 5.9 hours on one COPACOBANA. For 260 the 60-bit seed we need up to 120×110·10 6 seconds ≈ 1011 days on one COPACOBANA. The attack is arbitrarily parallelizable and could thus be run on multiple COPACOBANAs to decrease the attack time. Worst case times for all possible seed lengths, and 1 FPGA, 1 COPACOBANA and 100 COPACOBANAs, respectively, are summarized in Table 1. We conclude that using a 32-bit seed provides no security, since a key can be found in real-time. While a seed with 48 bits can be broken in less than 6 hours by one COPACOBANA, employing a 60-bit seed can provide reasonable security.

References 1. A. Bogdanov, “Attacks on the KeeLoq Block Cipher and Authentication Systems,” in 3rd Conference on RFID Security 2007 (RFIDSec 2007), 2007. [Online]. Available: http://rfidsec07.etsit.uma.es/slides/papers/paper-22.pdf. 2. S. Indesteege, N. Keller, O. Dunkelman, E. Biham, and B. Preneel, “A Practical Attack on KeeLoq,” in Advances in Cryptology - EUROCRYPT 2008, 2008. 3. T. Eisenbarth, T. Kasper, A. Moradi, C. Paar, M. Salmasizadeh, and M. T. M. Shalmani, “On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme.” in Advances in Cryptology - CRYPTO 2008, 2008, pp. 203–220. 4. S. Kumar, C. Paar, J. Pelzl, G. Pfeiffer, and M. Schimmler, “Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel Code Breaker,” in Proceedings of CHES’06, ser. LNCS, vol. 4249. Springer-Verlag, 2006, pp. 101–118.