Breaking a Hitag2 Protocol with Low Cost Technology
V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz, J. Zhang
2017
Abstract
Hitag2 is an encryption algorithm designed by NXP Semiconductors that is used in electronic vehicle immobilizers and anti-theft devices. Hitag2 uses 48-bit keys for authentication and confidentiality, and due to that feature it is considered an insecure cipher. In this contribution we present a comparison of low cost technologies able to break a known protocol based on this cipher in a reasonable amount of time. Building on top of these solutions, it is possible to create an environment able to obtain Hitag2 keys in almost negligible time. The procedure can be easily expanded in order to consider other protocols based on the same cipher.
References
- Courtois, N. T., O'Neil, S., and Quisquater, J.-J. (2009). Practical algebraic attacks on the Hitag2 stream cipher. In Information Security: 12th International Conference (ISC 2009), pages 167-176.
- Courtois, N. T., O'Neil, S., and Quisquater, J.-J. (2011). Cube cryptanalysis of Hitag2 stream cipher. In International Conference on Cryptology and Network Security (CANS 2011), pages 15-25.
- Garcia, F. D., Oswald, D., Kasper, T., and Pavlidès, P. (2016). Lock it and still lose it-On the (in)security of automotive remote keyless entry systems. In 25th USENIX Security Symposium (USENIX Security 2016), pages 929-944.
- Guneysu, T., Kasper, T., Novotny, M., Paar, C., and Rup, A. (2008). Cryptanalysis with COPACOBANA. 57:1498.
- ISO/IEC (2014). ISO/IEC 14882:2014. http://www.iso.org/iso/home/store/catalogue ics/ catalogue detail ics.htm?csnumber=64029& ICS1=35&ICS2=60.
- Mittal, S. and Vetter, J. S. (2014). A survey of methods for analyzing and improving GPU energy efficiency. ACM Computing Surveys, 47(2):1-23.
- NVIDIA Corp. (2016). What is GPU computing? https://www.nvidia.com/object/what-is-gpucomputing.html.
- OpenMP (2016). The OpenMP API specification for parallel programming.
- Oracle Corp. (2010). Oracle Completes Acquisition of Sun. http://www.oracle.com/us/corporate/press/044428.
- Oracle Corp. (2016). Go Java. https://go.java/index.html.
- Stembera, P. and Novotny, M. (2011). Breaking Hitag2 with reconfigurable hardware. In 14th Euromicro Conference on Digital System Design (DSD 2011), pages 558-563.
- Verdult, R. (2015). The (in)security of proprietary cryptography. Radboud University Nijmegen, Nijmegen (Nederlands).
- Verdult, R., Garcia, F. D., , and Balasch, J. (2012). Gone in 360 seconds: Hijacking with Hitag2. In 21st USENIX Security Symposium (USENIX Security 2012), pages 237-252.
- Wiener, I. (2008). Philips/NXP Hitag2 PCF7936/46/47/52 stream cipher reference implementation. https://web.archive.org/web/20080105114835/ http://cryptolib.com/ciphers/hitag2/hitag2.c.
Paper Citation
in Harvard Style
Gayoso Martínez V., Hernández Encinas L., Martín Muñoz A. and Zhang J. (2017). Breaking a Hitag2 Protocol with Low Cost Technology . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 579-584. DOI: 10.5220/0006271905790584
in Bibtex Style
@conference{icissp17,
author={V. Gayoso Martínez and L. Hernández Encinas and A. Martín Muñoz and J. Zhang},
title={Breaking a Hitag2 Protocol with Low Cost Technology},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={579-584},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006271905790584},
isbn={978-989-758-209-7},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Breaking a Hitag2 Protocol with Low Cost Technology
SN - 978-989-758-209-7
AU - Gayoso Martínez V.
AU - Hernández Encinas L.
AU - Martín Muñoz A.
AU - Zhang J.
PY - 2017
SP - 579
EP - 584
DO - 10.5220/0006271905790584