Research

Elliptic Curve Cryptograpy in Remote Keyless Entry

Prototype Implementation

SONY DSC

Current Remote Keyless Entry Systems

Remote Keyless Entry (RKE) systems are used in a broad range of applications. Examples include remote keyless entry systems for vehicles as well as building access control applications. Typically, these systems employ a small, battery-powered device that transmits an authentication message to a car or building to open or close doors. Recent research results point out dramatic security flaws in many systems which are currently on the market. Those security flaws are based on outdated cryptographic algorithms and flawed key management and agreement methods. Examples are the popular Keeloq system from Microchip, which has been broken by researchers from the university of Bochum, or NXP's Hitag-2 system.

Algorithms

State-of-the-art remote keyless entry systems use symmetric, standardized, and well researched cryptographic algorithms, such as AES. Symmetric algorithms have clear advantages regarding implementation and energy efficiency. However, they are not a a good base for entity authentication since they require elaborate key management and secure transfer of secret keys. In contrast to symmetric algorithms, asymmetric algorithms simplify key management. These algorithms allow a key agreement without requiring the transmission of a secret key. The ECC scheme is an asymmetric algorithm and is both very efficient regarding the key lengths and well researched. One disadvantage of asymmetric algorithms, however, is that they are significantly more computationally intensive and cannot be implemented as energy efficient as symmetric algorithms.

Elliptic Curve Cryptography in Remote Keyless Entry

At Fraunhofer AISEC, we demonstrated how Elliptic Curve Cryptography (ECC) can be efficiently used in RKE applications. We developed a new protocol based on ECC which uses only a single transmitted message for repeated authentication. This protocol reduces the required computational overhead on the keyfob device to a minimum and shows that asymmetric cryptography is feasible on resource constrained devices Unlike standardized signature algorithms, however, we do not use hash functions or computations of a modular inverse on the keyfob. We implemented a prototype of the RKE application to prove its feasibility. This prototype extends a keyfob device including a transmitter and a microcontroller by an FPGA implementation for the core operation of ECC.