KeeLoq on 2.4 GHz

A project log for Street-racing silencer

Silence those annoying noisy street-racers with a push of a button

traxtrax 06/27/2022 at 08:160 Comments

After the device is deployed on the field, I need to make sure it is not misused by others eavesdropping on nRF24L01 packets. I wouldn't want someone else triggering the LEDs thus revealing the location of the device more than necessary.

I could have used AES encryption to build a MAC (message authentication code) to verify authenticity of the transmission and also use a synchronization counter for re-transmission protection, but since this whole project is about re-using old parts I thought why not use old code as well.

In one of my previous projects I worked with KeeLoq so I decided to re-use it to ensure some sort of protection against device takeovers. KeeLoq algorithm is known and is more-less crackable, however with secret 8 bytes-long encryption key it is still not feasible that someone will attempt to attack this little device. For those who succeed - they can take it away as a gift.

The secrecy of transmission is not important in this device so KeeLoq is used only to prevent replay attack and for the authentication of the controller (me).

Data which is prepared/encrypted with KeeLoq is transferred over nRF24L01 and it's 32-bytes long packets. KeeLoq ciphertext is only 4 bytes long and is used as a MAC (as a rolling code), while remaining of the payload is some other "application specific data".

The "application data" transferred between the controller and the device also supports key-change, meaning I can change the KeeLoq "crypt key" any time I like after the device is deployed.