Hitag 2 Hell – Brutally Optimizing Guess-and-Determine Attacks

Authors: 

Aram Verstegen, Roel Verdult, and Wouter Bokslag, FactorIT B.V.

Abstract: 

Cryptographic guess-and-determine (GD) attacks are occasionally mentioned in the literature, but most articles describe conceptual attack optimization while implementation details are seldom discussed. Therefore, we present in this paper not only a conceptual attack optimization, but also a fully detailed design strategy to optimize a general bit-sliced exhaustive search implementation. To demonstrate the applicability of our contribution we present a highly optimized practical brute-force attack on the Hitag2 stream cipher using a guess-and-determine approach. Our implementation explores the full 48-bit search space on a consumer desktop PC with one GPU in approximately 1 minute. The work is specifically effective to recover secret keys from the widely deployed Hitag2 Remote Keyless Entry (RKE) system. Compared to the most practical Hitag2 RKE attack published in the literature, our implementation is more than 500 times faster. Furthermore, our approach has a 100% success rate with only two captured RF frames and is extremely practical compared to previously published unrealistic sat-solver, cube cryptanalysis and correlation attacks which require hundreds of traces or truly random nonces. We fully release our source code as reference material for related research in the future.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {220578,
author = {Aram Verstegen and Roel Verdult and Wouter Bokslag},
title = {Hitag 2 Hell {\textendash} Brutally Optimizing Guess-and-Determine Attacks},
booktitle = {12th {USENIX} Workshop on Offensive Technologies ({WOOT} 18)},
year = {2018},
address = {Baltimore, MD},
url = {https://www.usenix.org/conference/woot18/presentation/verstegen},
publisher = {{USENIX} Association},
}