900,000+ datasheet pdf search and download

Datasheet4U offers most rated semiconductors data sheet pdf




  Microchip Technology Semiconductor Electronic Components Datasheet  

TB003 Datasheet

An Introduction to KELLOQ Code Hopping

No Preview Available !

TB003
An Introduction to KEELOQ® Code Hopping
Author: Kobus Marneweck
Microchip Technology Inc.
INTRODUCTION
Remote Control Systems
Remote control via RF or IR is popular for many appli-
cations, including vehicle alarms and automatic garage
doors. Conventional remote control systems are based
on unidirectional transmission and have limited secu-
rity. More sophisticated devices based on bi-directional
transmission are also available but, because of their
high cost and certain practical disadvantages, they are
not widely used in commercial remote control devices.
The popular unidirectional transmission systems cur-
rently have two very important security shortcomings:
the codes they transmit are usually fixed and the num-
ber of possible code combinations is relatively small.
Either of these shortcomings can lead to unauthorized
access.
Code Scanning
The limited number of possible combinations available in
most remote control systems makes it possible to trans-
mit all possible combinations in a relatively short time. A
hand held microprocessor-based system for this pur-
pose (called a code scanner) can easily be constructed.
www.DataSheeInt4Us.ycsotmems using eight DIP switches (256 combina-
tions), this scanning process can typically be accom-
plished in less than 32 seconds (when trying eight
combinations per second). Even in systems using
16-bit keys (yielding roughly 65,000 combinations),
only 2.25 hours would be required to try all possible
combinations. It should also be noted that the scanner
may gain access in far less than this maximum time—
the average time would in fact be half of the total time.
Scanning is counteracted by increasing the number of
possible code combinations. A 66-bit code will yield
7.3 x 1019 combination and will take 2.3 x 1011 years to
scan.
Code Grabbing
A remote control transmitter of the type normally used
in vehicle security systems, is nothing but a small radio
transmitter that transmits a code number on a certain
frequency. This code number is normally generated by
an integrated circuit encoder. The transmit frequency is
normally fixed by legislation within a particular country,
enabling anybody to build a simple receiver that can
receive signals from all such transmitters.
It is a simple matter to build a circuit to record such
transmissions captured by the receiver. Such a device
is known as a code or key grabber. A would-be vehicle
thief would typically lurk in a parking lot, waiting until a
vehicle owner arms his alarm with a remote control.
The key grabber would capture the transmitted code,
enabling the thief to retransmit this code as soon as the
owner leaves the parking lot. Typically, this would leave
the alarm and/or immobilizer disabled and even the
central locking unlocked.
The Solution
It is apparent that secure remote control systems can
only be implemented if two conditions are met. The
KEELOQ® code hopping system meets both these con-
ditions with ease.
• A large number of possible combinations must be
available.
A 66-bit transmission code is used to make scan-
ning impossible. The 32-bit encrypted portion pro-
vides for more than 4 billion code combinations. A
complete scan would take 17 years! If the 34-bit
fixed portion is taken into account, the time
required for a complete scan jumps to 5,600 bil-
lion years!
• The system may never respond twice to the same
transmitted code.
The random code algorithm will never respond to
the same code twice over several lifetimes of a
typical system.
Every time a remote control button is pushed, the sys-
tem will transmit a different code. These codes appear
random to an outsider – there is no apparent relation-
ship between any code and the previous or next code.
A far easier way of gaining unauthorized access to a
security system is freely available—such a unit is being
advertised as a tool for the “legal repossession of vehi-
cles.” To understand its operation, it is useful to know
something about remote controls.
KEELOQ is a registered trademark of Microchip Technology, Inc.
Microchip’s Secure Data Products are covered by some or all of the following patents:
Code hopping encoder patents issued in Europe, U.S.A., and R.S.A. — U.S.A.: 5,517,187; Europe: 0459781; R.S.A.: ZA93/4726
Secure learning patents issued in the U.S.A. and R.S.A. — U.S.A.: 5,686,904; R.S.A.: 95/5429
Ó 1996 Microchip Technology Inc.
DS91002A-page 1


  Microchip Technology Semiconductor Electronic Components Datasheet  

TB003 Datasheet

An Introduction to KELLOQ Code Hopping

No Preview Available !

TB003
Once the system has responded to a valid code, about
65,000 valid codes will have to be received before the
same code will be used again. If the remote control is
used eight times daily, 22 years will pass before the
system responds to the same code again - once!
Therefore, a retransmitted code (like when a code
grabber is used) will never activate the system.
The KEELOQ algorithm also features sophisticated syn-
chronization techniques. The system will continue to
function even if the transmitter is activated repeatedly
while not in range of the receiver (as would happen if a
child played with the remote control). If a button is
pressed out of range more than 16 times, synchroniza-
tion will be lost. However, two successive transmis-
sions in range will restore synchronization. When no
response occurs to a transmitter operation, the user's
natural reaction is to press the button a second time.
Synchronization will be restored when he does. Opera-
tion is totally transparent — the user may not even
become aware that synchronization has been lost and
restored.
These obvious security benefits are attainable at a cost
comparable to existing fixed code systems. The revolu-
tionary nature of the KEELOQ algorithm, full custom IC
implementation, and reduced external component
requirements help to make this level of cost effective-
ness possible.
The KEELOQ Algorithm
KEELOQ is a proprietary block cipher based on a block
length of 32 bits and a key length of 64 bits. The algo-
rithm is characterized by a very economical hardware
implementation, while retaining a level of security com-
parable to Data Encryption Standards (DES). This level
of security makes it eminently suitable for code commu-
nication applications such as code hopping antitheft or
access control devices.
www.DataISnfhoeremt4aUti.oconmregarding transmitter identity and synchro-
nization is encoded so as to render it unintelligible to an
outsider. For decoding, it is necessary to have the
same 64-bit key originally used for encoding. There-
fore, even though the decoder (which has the key) can
identify the transmitter unambiguously, an outsider
(who does not have access to the key and/or the algo-
rithm) can glean no information at all from the transmis-
sions.
As it is impossible to insert information into the system
from outside, strategies used to attack FEAL and other
DES-like ciphers are not usable against this system.
The KEELOQ algorithm is designed to make it impossi-
ble for a potential assailant to predict the next code that
will be transmitted by a valid transmitter. Even if the
assailant makes a reasonable guess regarding the way
in which transmitted information changes with each
transmission, the algorithm obscures this information
sufficiently that the next code can not be anticipated. In
particular, even if the transmitted information (before
encoding) differs only in one bit from the information in
the previous transmission, the next transmission will be
totally different.
Checks exist that can be used to verify the security
characteristics of an encoding algorithm and, in this
instance, to determine whether the next transmitted
code is predictable to any degree. The Avalanche
Effect and a subset thereof, the Strict Avalanche Crite-
rion, have been tested on the KEELOQ algorithm. The
results give a good indication of the security offered by
the system.
• Avalanche Effect (AE)
A block cipher satisfies the AE if changing one bit
of the information causes, on average, half of the
bits in the transmission to change. In the KEELOQ
algorithm, this implies that changing one bit in the
function and/or synchronization information will
cause an average of 16 of the 32 bits in the trans-
mitted code to change.
• Strict Avalanche Criterion (SAC)
The SAC requires that, if one bit of the encoded
information is changed, each bit in the output
must have a chance of 0.5 of changing as well.
Consequently, the probability of guessing any one
bit correctly is 0.5, and the probability of guessing
an entire 32-bit string correctly is one in about
4,300,000,000!
The tests involved using a random 64-bit key and
a Gray counter (starting at zero) as input to the
algorithm. In each case, the output was compared
with a reference (SAC) or with the previous code
(AE). In both cases, the results were as expected:
For the AE, the average number of bits changed
was 16.0 (50%), with a standard deviation of 2.83
(8.8%). For the SAC, each individual bit changed
an average of 50% of the time, with a standard
deviation of 8.8%.
DS91002A-page 2
Ó 1996 Microchip Technology Inc.


Part Number TB003
Description An Introduction to KELLOQ Code Hopping
Maker Microchip Technology
Total Page 12 Pages
PDF Download

TB003 Datasheet PDF

View PDF for Mobile








Similar Datasheet

1 TB003 An Introduction to KELLOQ Code Hopping
Microchip Technology





Part Number Start With

0    1    2    3    4    5    6    7    8    9    A    B    C    D    E    F    G    H    I    J    K    L    M    N    O    P    Q    R    S    T    U    V    W    X    Y    Z

Site map

Webmaste! click here

Contact us

Buy Components

Privacy Policy