The Block Cipher Keeloq and Algebraic Attacks

Abstract

The purpose of this chapter is to supply a (relatively) new, feasible, and economically relevant example of algebraic cryptanalysis. The block cipher “Keeloq”1 has been used in the remote keyless-entry system of many automobiles. It has a secret key consisting of 64 bits, takes a plaintext of 32 bits, and outputs a ciphertext of 32 bits. The cipher consists of 528 rounds. In this chapter, we define the cipher.We also show some “frontal assaults” that are not effective. In the next chapter, we describe a successful attack from the author’s dissertation [31, Ch. 2]. Our attack is faster than brute force by a factor of around 214:77 as shown in Section 3.5 on Page 24.

A summary of the attack is given in Section 3.6 on Page 24. Many other attacks on Keeloq are known, discovered since this attack of mine was first written back in January of 2007. In fact, it seems clear from the dates of publication of other attacks, that work on Keeloq was simultaneous among the several research teams involved (see Section 3.8.1 on Page 27). The purpose here is not to describe all or even some of the attacks on Keeloq but to give the reader a non-trivial but straight-forward example of algebraic cryptanalysis succeeding on a real-world cipher.