OT: Who can identify this RF protocol?

Go To Last Post
7 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

We are proposing a replacement controller for a customer. It uses a simple keyfob with a few buttons, like the ones to unlock your car. The customer would like to continue to use the same keyfob transmitter and the receiver in his device, but doesn't have a lot of details on it. [Hopefully, we'll get the info from him.]

I'd wager it is a "standard" protocol of some type, but I'm not conversant in this area. I'll bet one of you gurus can recognize it.

Anyway, here are a few pieces of info:
--Bit time appears to be 2ms. -- 500 bps.
--data stream repeats every 70ms. when a button held down
--data stream appears to be a 16 bit ID, and an 8 bit data byte indicating the button pressed
--the data stream has a high amplitude of about 3.7V. At the tail end of the 24 bit data stream, there are two pulses to 5V, 300us apart and 100us wide, that we assume are sync of some sort.

The edges are nice & clean & repeatable, so I don't anticipate many problems. But it would be helpful if someone could recognize the protocol so I could dig up references. TIA, & take care.

Lee

You can put lipstick on a pig, but it is still a pig.

I've never met a pig I didn't like, as long as you have some salt and pepper.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I just used a holtek encoder decoder chip.... they have several flavors.... one has a 12 bit address, the other has an 8 bit address and 4 bits of data (the key fob buttons). There is an 8 level dipswitch in the keyfob and the receiver. RayMing makes rf modules using these holtek encoder chips. Very inexpensive.

Imagecraft compiler user

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Customer wants to use the same keyfob & receiver; I just need to know what the protocol is so I can decode on the AVR properly.

Lee

You can put lipstick on a pig, but it is still a pig.

I've never met a pig I didn't like, as long as you have some salt and pepper.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

It might be Keeloq - the Arizona Microchip standard. They are very secretive about it. You can get the decode algorithm in sample code after you sign an NDA but they never give out the encode algorithm. Murdo.

There are already a million monkeys in front of a million keyboards, and the internet is nothing like Shakespeare!

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I don't really think it is anything secure. We've got two keyfobs, and there is no hint of any encryption or change. It appears to be just a "constant" 16-bit address and 8-bit data message.

Lee

You can put lipstick on a pig, but it is still a pig.

I've never met a pig I didn't like, as long as you have some salt and pepper.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Pretty much solved. The receiver had no identifiable ICs, but we broke open the keyfob and found a Rato RT1530 "Encoder".

From what can be gleaned from the two-page datasheet (thanks, Google) in Chinese, there is a 10ms. low time, 20-bit address LSB-first, 4 data bits LSB first, and two high end-of-frame bits.

I should be able to go from here. Thanks, all.

Lee

You can put lipstick on a pig, but it is still a pig.

I've never met a pig I didn't like, as long as you have some salt and pepper.

  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

theusch wrote:
Pretty much solved. The receiver had no identifiable ICs, but we broke open the keyfob and found a Rato RT1530 "Encoder".

From what can be gleaned from the two-page datasheet (thanks, Google) in Chinese, there is a 10ms. low time, 20-bit address LSB-first, 4 data bits LSB first, and two high end-of-frame bits.

I should be able to go from here. Thanks, all.

Lee

Is it a Trinary encoder?

//Sy