In this paper a key recovery attack with complexity of about $2^{52}$ steps is proposed (one step is equivalent to a single KeeLoq encryption operation). In our attack we use the techniques of guess-and-determine, slide, and distinguishing attacks. Several real-world applications are vulnerable to the attack. To our best knowledge this is the first paper to describe and cryptanalyze the KeeLoq block cipher.
Category / Keywords: secret-key cryptography / secret-key cryptography, block ciphers, cryptanalysis, linear cryptanalysis, boolean functions, authentication codes, applications Date: received 16 Feb 2007 Contact author: abogdanov at crypto rub de Available formats: PDF | BibTeX Citation Version: 20070220:101421 (All versions of this report) Discussion forum: Show discussion | Start new discussion