Physical Cryptanalysis

A complete break of the KeeLoq access control system.

Further details on our attacks and more background information can be found below.

Documents and Links

Physical Cryptanalysis of KeeLoq Code Hopping Applications

Download the paper describing our findings in detail.


Also have a look at the slides illustrating our findings briefly

Previous work

The first cryptanalytic attack on KeeLoq was proposed by Bogdanov. The slides of his presentation are available here.

ndesteege et al. improved the attacks, that are only applicable to IFF (Identify Friend or Foe) systems, to lower the complexity to 65536 known plain- and ciphertexts.


The Wikipedia article gives some more background information on the KeeLoq cipher and existing theoretical attacks.

Traces for DPA Workshop 25C3

HCS301 measurements
AES measurements