logo
Contact us Contact us
In front of a black automatic gate, a hand is extended holding a small transmitter that when pressed, automatically opens the gates

What is KeeLoq rolling code?

KeeLoq rolling code, sometimes also known as hopping code, is commonly used as a security measure for encrypting radio frequency transmission. It can be found in a wide variety of contexts such as garage door openers, access control systems, keyless car entry, automatic gate triggers, and more.

Rolling code works by preventing the transmission from being recorded and saved, then replayed later to trick the receiver into unlocking the door or barrier.

What does rolling code mean?

Transmitted code functions like a password. When activated, a transmitter generates and sends a signal containing the password to its paired receiver. The receiver analyses the password to see if it is acceptable. If accepted, the receiver then triggers a relay, allowing the door or barrier to be unlocked and opened.

In a fixed code system, the password never changes. This leaves the system vulnerable to attack, as if someone was able to find out the password, they could use it to gain access without authorisation. Rolling code significantly reduces the risk of unauthorised entry because the password changes every time it is used.

Secure wireless transmission solutions
Data protected by robust encryption
Instant, convenient access control
stratégie de sécurité pour les accès de mon entreprise

How does KeeLoq rolling code work?

Rolling code transmission systems use methods of encrypting the data that allow the transmitter and the receiver to share passwords, but which make it considerably more difficult for an attacker to discover them. KeeLoq® is a proprietary block cypher that is one of the most commonly used encryption methods for radio frequency transmission.

KeeLoq hopping code utilises a 66-bit transmission code, of which 32 bits are encrypted. In the encrypted section alone, there are almost 4 billion possible code combinations, which would take approximately 17 years to fully scan. The transmitted passwords cannot be re-used regularly, to prevent interception and unlawful access. Once a passcode has been used, it will not be valid again until approximately 65,000 other valid codes have been used. In normal usage scenarios, it would take more than 20 years for a code to become valid again.

A receiver is mounted on a plain white wall in a garage while an extended hand holds a small transmitter with four yellow buttons

How do transmitters and receivers share the same passcodes?

In order for rolling code to work, the transmitter and receiver need to synchronise their code generation. If they don’t, the random password sent from the transmitter would not match the random password expected by the receiver. As such, the term random is slightly misleading here. In reality, the transmitter and the receiver use Pseudo Random Number Generators (PRNGs) to produce a series of passcodes that are seemingly random to outsiders and therefore unpredictable to attackers.

The PRNG is an algorithm which ensures that the series of numbers generated by both the transmitter and the receiver is identical. That way, whenever a passcode is produced by the transmitter, it will match the one generated by the receiver and allow access. The sequence of codes is therefore not truly random; both the transmitter and the receiver must start from the same seed code in order to synchronise properly.

What happens if the transmitter is out of range?

A passcode is generated every time the button on the transmitter is pressed, even if it is out of range of the receiver. If it is out of range, the receiver does not generate a code – therefore leaving the transmitter and the receiver unsynchronised.

To overcome this limitation, the receiver stores a list of the upcoming passwords pre-determined by the PRNG. In KeeLoq hopping code, the list is up to 1,000 future passwords. Once the transmitter comes back into range of the receiver and the button is pressed, the receiver can still identify the code as one of the upcoming passwords and allow access. The ‘missed’ codes that were generated by the transmitter while it was out of range are simply invalidated and the codes are synchronised once again.

KeeLoq also benefits from additional synchronisation security measures. If the transmitter button is pressed 16 or more times whilst out of range of the receiver, the receiver will not unlock the door or barrier on the first press of the button once back in range. Re-synchronisation will only occur when the receiver is sent two consecutive matching codes from the list of valid future codes. In a typical system, if the transmitter button is pressed a few thousand times while out of range, it will be permanently locked out of the receiver and must be manually re-synchronised.