- Related Pages
- How to Report Potential Product Security Vulnerabilities
Passive Keyless Entry Reference Design (APGRD001) - The PKE Reference Design demonstrates a fully functional Passive Keyless Entry system. This solutioncontains 3 independent boards: the Key Fob, the Base Station and the Receiver/Decoder...
Tire Pressure Monitoring System Reference Design (APGRD003) – This is fully-functional Tire Pressure Monitoring System (TPMS), which uses “direct measurement” to monitor the internal temperature and pressure of a vehicle’s tire.
Tire Pressure Monitoring System Accessory Kit (APGAC031) - This Kit is an extension to the APGRD003 TPMS Reference Design. It provides one complete Tire Sensor Node. APGAC031 uses an Analog pressure and temperature sensors to collect data within the tire.
Yes, the PIC24FJ GB204 family and PIC32MZ family have an integrated hardware crypto engine.
The Hardware Crypto Engine accelerates applications that need cryptographic functions. By executing these functions in the hardware module, software overhead is reduced, and actions such as encryption, decryption, and authentication can execute much more quickly. This also removes the need to develop an appropriate cryptographic code library for new applications.
For more details on PIC32MZ devices, please refer to the family data sheet.
For more details on the PIC24FJGB204 product family, please refer to the family data sheet
Yes you need to be licensed by Microchip in order to use Microchip KEELOQ® Encoder and Decoder products. Where the KEELOQ® software has...
been integrated into the Microchip HCS-XXX device by Microchip, your license is part of your standard terms and conditions of sale.
If you would like to integrate the KEELOQ® decoder software into a Microchip PIC Microcontroller product yourself, then you will need to obtain a copy of the Microchip decoder software package (DS40038) and agree to the click-through license agreement terms.
If you would like to integrate the KEELOQ® encoder software into a Microchip PIC Microcontroller product yourself, then you will need to agree to a separate license to do so. For details on license agreement see the sections in KEELOQ® Licenses from the link, www.microchip.com/design-centers/embedded-security/downloads/keeloq-encoder-download
Any installation, use, or copying of the KEELOQ® Encoder / Decoder software or documentation shall also constitute acceptance of license agreement terms.
Further information may also be obtained by contacting your local / regional Microchip Sales Representative.
For the OTP key storage, once the key is written, it is completely locked with a fuse bit so not further read or write can be done by the CPU. So, this limits to a single write for the OTP secure key storage. The OTP key storage on the PIC24 “GB2” family is 512-bits long. The AES algorithm can use either 128, 192 or 256-bit keys. So, if a customer is using AES with a 256-bit key, they can store 2 keys, or for if they are using 128-bit key, they can store 4 keys. DES is 64-bit key length, so they can store 8 keys.
RKE- Remote Keyless Entry...
PKE- Passive Keyless Entry
LF- Low Frequency. LF refers to a typical 125 kHz frequency.
Transcoder- Device combining unidirectional transmitter capabilities with bi-directional authentication capabilities.
Anticollision– It is a scheme where the transponders in the same field can be addressed individually, preventing simultaneous response to a command.
Code Hopping- A method by which a code, viewed externally to the system, appears to change unpredictably each time it is transmitted.
Code Word- A block of data that is repeatedly transmitted upon button/key activation.
KEELOQ® Transmission- A data stream consisting of repeating code words.
Crypt key- A unique and secret 64-bit number used to encrypt and decrypt data. In a symmetrical block cipher such as the KEELOQ® algorithm, the encryption and decryption keys are equal and will therefore be referred to generally as the crypt key.
Encoder- A device that generates and encodes data.
Encryption Algorithm- A recipe whereby data is scrambled using a crypt key. The data can only be interpreted by the respective decryption algorithm using the same crypt key.
Decoder- A device that decodes data received from an encoder.
Decryption algorithm- A recipe whereby data scrambled by an encryption algorithm can be unscrambled using the same crypt key.
Device Identifier- 16-bit value used to uniquely select one of multiple transponders for communication.
IFF- Identify Friend or Foe, a classic authentication method.
Manufacturer’s code– A unique and secret 64- bit number used to generate unique encoder crypto keys. Each encoder is programmed with a crypto key that is a function of the manufacturer’s code. Each decoder is programmed with the manufacturer code itself.
Proximity Activation- A method whereby an encoder automatically initiates a transmission in response to detecting an inductive field
allows KEELOQ® devices to be programmed while in users' systems or programmer socket, which increases the flexibility of designing cryptographic encoders, decoders and transponders into electronic systems. Basically the manufacturer’s code, crypt keys, and synchronization information are stored in encrypted form in external / internal EEPROM for as the devices are memory mapped. The programming voltage range for VDD is +5V ± 10% for all the KEELOQ® devices.
For more details on programming KEELOQ® devices go through the document HCSXXX Memory Programming Specification (DS41256B) from the link http://ww1.microchip.com/downloads/en/DeviceDoc/41256B.pdf
Note: Devices with on-chip EEPROM do not store encrypted keys. Only devices with off-die EEPROM encrypt information before storing.
KEELOQ® is based on a proprietary, non-linear encryption algorithm that creates a unique transmission on every use, rendering code capture...
and resend schemes useless. The algorithm uses a programmable 64-bit encryption key unique to each device to generate 32-bit hopping code. The key-length and code-hopping combination reduces the possibility of unwanted access.
Up to 256-bit AES keys are supported in the PIC24 and PIC32 products with an integrated crypto engine. Also includes configurable support for 128, 192 or 256-bit keys.
One of the main benefits is that the hardware crypto engine is housed in its own section within the processor. This means that hackers who could have used techniques to gain access to the valuable data during the encryption process find it difficult if the hardware crypto engine is used. The hardware crypto engine also performs the encryption and decryption calculations at many faster speed than is possible in software implementations of the same techniques. This is achieved through the offset of computations to the hardware crypto engine, which performs the computations in real-time. This frees up the processor to do other things or enables running the processor at a slower speed to save power.
The quality of the keys used to secure data and the subsequent strength of encryption is far superior to software based processes. Key generation using the crypto engine allows developers to capture true randomness experienced only in the sub-atomic world and apply it to the generation of a truly random key. This thwarts hackers who rely on the statistical repeatability experienced in software random number generation and in the subsequent key generation to break secure code.
A remote control transmitter of any type normally used in vehicle security systems is nothing but a small radio transmitter that transmits a code number on a certain frequency. This code
number is normally generated by an integrated circuit encoder. The transmit frequency is normally fixed by legislation within a particular country, however it is due to the simple transmission format it supports, enabling anybody to build a simple receiver that can receive signals from all such transmitters. It is a simple matter to build a circuit to record such transmissions for reply at the later time. Such a system is known as a code or key grabber.
The limited number of possible combinations available in most remote control systems makes it possible to transmit all possible combinations in a relatively short time. A hand...
held microprocessor-based system which is used for this purpose is called a code scanner. Scanning process can typically be accomplished in less than 32 seconds (when trying eight combinations per second). Even in systems using 16-bit keys (yielding roughly 65,000 combinations); only 2.25 hours would be required to try all possible combinations. It should also be noted that the scanner may gain access in far less than this maximum time—the average time would in fact be half of the total time.
Currently KEELOQ® is being used in the following applications :
- Remote Keyless Entry / RKE Transmitter / RKE Transponder
- Electronic Door Locks & Access Control
- Electronic Gadget / Radio Theft Protection
- Gates / Garage Doors
- Employee Identification
- Software Protection
- Authentic spare parts: car batteries / airbags
- Highway toll collection
- Gas pump billing
- Track tire pressure sensors
- Keyboard locks
- Blood test tubes
KEELOQ® technology is used in unidirectional transmissions to defeat:
KEELOQ® technology is used in transponder systems (IFF – bidirectional transmissions) to defeat:
This is also called as KEELOQ® Bi-directional Transponder Transmission. The basic features of this transmission are :
- 32-bit data challenge and 32 -bit data response system
- Encryption keys are read protected - no duplication
- Memory is EEPROM thus reprogrammable
- Minimal external component count
- USER UNIQUE bit encryption key used to configure algorithm
- User Read/Write capability (64-bit)
- Contactless/Contact configuration
- Fully Code Hopping compatible
authentication, remote-keyless-entry (RKE) or passive-keyless-entry (PKE) applications.
The basic features of KEELOQ® Unidirectional Transmission are:
- 66-bit transmission length (32-bit hop code, 34-bit fixed code)
- 2 to 5 status bits
- Multiple functions per transmitter (up to 15)
- Low voltage encoder operation
- Non volatile memory with error correction
- Minimal external components
- USER UNIQUE 64-bit encryption key used to configure algorithm
- Transparent synchronization
There are three levels of security in KEELOQ® systems:
- Simple Method: Use of a fixed User Encryption Key
- Normal Method: Use of Serial Number to Generate User Encryption Key
- Secure Method: Use of Learn Seed to Generate User Encryption Key
The KEELOQ® Evaluation Kit II (DM303006) – This contains all the necessary hardware to evaluate a code hopping system, including two transmitters ...
and a multi-function receiver board that supports the HCS5XX stand-alone decoders.
Passive Keyless Entry Reference Design (APGRD001) - The PKE Reference Design demonstrates a fully functional Passive Keyless Entry system. This solution contains 3 independent boards: the Key Fob, the Base Station and the Receiver/Decoder.
Microchip also offers a variety of software decoders that allows the system designer to integrate the KEELOQ® decoding functions with their applications onto a single PIC MCU. The software decoders come as part of a licensing package (DS40038) and include the decoding algorithm, receive routines and support various learning schemes to reduce development time and get the product to market faster.
A wide range of application notes are offered Microchip design engineers for detailed technical information to remove roadblocks during the development cycle.
For more details please refer KEELOQ® Authentication Products from the link http://www.microchip.com/keeloq/
The hardware components offered by Microchip for KEELOQ® systems are:
General Purpose PIC Microcontrollers
- PIC Microcontrollers with hardware KEELOQ® engine (PIC12F635/636/639 family)
- KEELOQ® Encoders (HCS 1xx/2xx/3xx family)
- KEELOQ® Decoders (HCS 5xx family HCS 5xx family or any PIC Microcontroller)
- KEELOQ® Transcoder/Encoder (transponder and encoder combinations) (HCS4xx family)
- Battery Authentication products (MCP73826/7/8, MCP73841/2/3/4, MCP73861/2)
For more details and update on KEELOQ® Authentication Products refer the link, http://www.microchip.com/keeloq/
The technology which involves KEELOQ® systems to authenticate codes for security reasons is called KEELOQ® Technology. There are two basics types of transmission for authentication in KEELOQ® systems:
KEELOQ® means Authentication. Wireless systems are being implemented in the automotive, residential, personal and commercial arenas and are not only limited to:...
- vehicle alarm arming and disarming
- home garage and gate door openers
- home lighting control
- home security and fire alarm systems
- cellular phones
- utility meters for near-field readings
- warehouse inventory control system
- and RF LANs.
In many of these applications, different levels of security are required. The level of security required is dependent on the application and customer demands. Hence KEELOQ®, patented by Microchip provides both access and security to systems in which it is used.
KEELOQ® Learning involves the receiver calculating the transmitter’s appropriate crypt key, decrypting the received hopping code and storing the serial...
number, synchronization counter value and crypt key in EEPROM. The KEELOQ® product family facilitates several learning methods to be implemented on the decoder. The following are examples of what can be done.
The different types of Learning in KEELOQ® are:
- Simple Learning:
The receiver uses a fixed crypt key, common to all components of all systems by the same manufacturer, to decrypt the received code word’s encrypted portion.
- Normal Learning:
The receiver uses information transmitted during normal operation to derive the crypt key and decrypt the received code word’s encrypted portion.
- Secure Learning:
The transmitter is activated through a special button combination to transmit a stored 60-bit seed value used to generate the transmitter’s crypt key. The receiver uses this seed value to derive the same crypt key and decrypt the received code word’s encrypted portion.
The carrier frequency used in KEELOQ® applications is 125-kHZ.
Simulation and modeling applications often prefer the deterministic features of a Pseudo Random Number Generator (PRNG). Other applications, such as security, gambling machines and lotteries, prefer the truly random nature of a True Random Number Generator (TRNG) for creating secure keys.
The MPLAB® PM3 from Microchip supports KEELOQ® devices to be programmed both on users' systems or programmer socket. Also SQTP file creation...
for HCS devices is now available by using the KEELOQ® Plug-in to MPLAB IDE. This component is offered during the MPLAB IDE Installation. When installed, the KEELOQ® Plug-in becomes available under the Tools menu in the MPLAB IDE. Encoder, Decoder and Transponder options are offered on the KEELOQ® dialog for the SQTP file creation.
Currently the PICkit2 (with the PICkit2 GUI) can also program most HCS devices.
Remote control via RF or IR is popular for many applications, including vehicle alarms and automatic garage doors. Conventional remote control systems...
are based on unidirectional transmission and have limited security. More sophisticated devices based on bi-directional transmission are also available but, because of their high cost and certain practical disadvantages, they are not widely used in commercial remote control devices.
The popular unidirectional transmission systems currently have two very important security shortcomings: the codes they transmit are usually fixed and the number of possible code combinations is relatively small. Either of these shortcomings can lead to unauthorized access.
Hence secure remote control systems can only be implemented if two conditions are met. The KEELOQ® code hopping system meets both these conditions with ease.
- A large number of possible combinations must be available.
A 64-bit transmission code with between 2- to 5-bits of status information are used for a total of 66- to 69-bits to make scanning impossible. The 32-bit encrypted portion provides for more than 4 billion code combinations. A complete scan would take 17 years
- The system may never respond twice to the same transmitted code.
The hopping code algorithm will never respond to the same code twice over several lifetimes of a typical system