A Complete Break of the Keeloq Code Hopping Scheme and How (In)secure are Real-World Contactless Payment Systems

Lecture: 1. Power Analysis Attack on Real-World Applications: A Complete Break of the Keeloq Code Hopping Scheme
2. How (In)secure are Real-World Contactless Payment Systems

Lecturer: 1. Amir Moradi, post-doc researcher at the Embedded Security Group of Horst Görtz for Institute for IT-Security in Ruhr University of Bochum, Germany
2. Timo Kasper, research assistant, the Ruhr-University Bochum, Germany
Date & time: May 12, 2010, 17.00-19.00
Venue: Balling hall, Technical Library, Prague
Language: English

Abstract of the first lecture:

KeeLoq remote keyless entry systems are widely used for access control purposes such as garage openers or car door systems. We present the first successful differential and simple power analysis attacks on numerous commercially available products employing KeeLoq code hopping. Our new techniques combine side-channel cryptanalysis with specific properties of the KeeLoq algorithm. They allow for efficiently revealing both the secret key of a remote transmitter and the manufacturer key stored in a receiver. As a result, a remote control can be cloned from only ten power traces, allowing for a practical key recovery in few minutes. After extracting the manufacturer key once, with simile techniques using a single power trace, we demonstrate how to recover the secret key of a remote control and replicate it from a distance, just by eavesdropping on at most two messages. This key-cloning without physical access to the device has serious real world security implications. Finally, we mount a denial of service attack on a KeeLoq access control system. All proposed attacks have been verified on several commercial KeeLoq products.

Abstract of the second lecture:

We investigated a real-world contactless payment application based on Mifare Classic cards. For analyzing the security of the payment system, we combined previous cryptanalytical results and implemented an improved card-only attack with customized low-cost tools, that is to our knowledge the most efficient practical attack to date. We found several flaws implying severe security vulnerabilities on the system level that allow for devastating attacks including identity theft and recharging the amount of money on the cards. We practically verify and demonstrate the attacks on the commercial system and sketch countermeasures. Finally, we examine the suitability of more secure (3DES-based) contactless cards for contactless payments.

Short CV of Amir Moradi:

Amir Moradi received the B.Sc. degree in Computer Engineering from Shahid Beheshti University in Iran, in 2001. He also received the M.Sc. and Ph.D. degrees in Computer Engineering from Sharif University of Technology in Iran, in 2004 and 2008, respectively. Currently, he is a post-doc researcher at the Embedded Security Group of Horst Görtz Institute for IT-Security in Ruhr University of Bochum, Germany. His research interests are in the areas of side channel attacks and the implementation of cryptographic algorithms.

Short CV of Timo Kasper:

Timo Kasper has studied electrical engineering and informati on security at the Ruhr-University Bochum (Germany) and the University of Sheffield (Great Britain). He became graduate engineer in 2006 and is now a research assistant in the embedded security group in Bochum headed by Christof Paar. His field of research covers the security of embedded systems such as smartcards, RFID and wireless technology, including side-channel cryptanalysis and system-level attacks.

FIT Informatics Wednesdays is a series of lectures and workshops organized by the Faculty of Information Technology of the Czech Technical University in Prague (CTU). The series aims at students, CTU employees, and professionals in informatics.

Admission is free of charge.

Responsible person for the content of this page: 
Jindra Vojíková, <a href="mailto:Jindra.Vojikova@fit.cvut.cz">Jindra.Vojikova@fit.cvut.cz</a>

Last modified: 23.11.2011, 13:43