2011
DOI: 10.1007/978-3-642-20465-4_20
|View full text |Cite
|
Sign up to set email alerts
|

Statistical Attack on RC4

Abstract: Abstract. In this paper we construct several tools for manipulating pools of biases in the analysis of RC4. Then, we show that optimized strategies can break WEP based on 4 000 packets by assuming that the first bytes of plaintext are known for each packet. We describe similar attacks for WPA. Firstly, we describe a distinguisher for WPA of complexity 2 43 and advantage 0.5 which uses 2 40 packets. Then, based on several partial temporary key recovery attacks, we recover the full 128-bit temporary key by using… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
32
0

Year Published

2011
2011
2019
2019

Publication Types

Select...
6
1

Relationship

1
6

Authors

Journals

citations
Cited by 27 publications
(32 citation statements)
references
References 24 publications
0
32
0
Order By: Relevance
“…As reported in the literature the adversary attack the WEP protocol by recovering the secret key K from the known values of IV (initialization vector) and known values of the RC4 keystream bytes found from the plaintext and ciphertext pairs. [31][32][33], and Shepehrdad, Susil, Vaudenay and Vuagnoux (SSVV) attack [34], WEP was declared as an insecure protocol. Later it is replaced by WPA (Wi-Fi protected access) which also make use of RC4 as its core element.…”
Section: Key Recovery From Keystreammentioning
confidence: 99%
See 1 more Smart Citation
“…As reported in the literature the adversary attack the WEP protocol by recovering the secret key K from the known values of IV (initialization vector) and known values of the RC4 keystream bytes found from the plaintext and ciphertext pairs. [31][32][33], and Shepehrdad, Susil, Vaudenay and Vuagnoux (SSVV) attack [34], WEP was declared as an insecure protocol. Later it is replaced by WPA (Wi-Fi protected access) which also make use of RC4 as its core element.…”
Section: Key Recovery From Keystreammentioning
confidence: 99%
“…WPA defended against many attacks in WEP. WPA has again proved to be a weak protocol due to TB data injection attacks [30], and SVV attacks [33]. Further a new protocol WPA2 was proposed by the Wi-Fi alliance which uses AES block cipher as an encryption algorithm instead of RC4.…”
Section: Key Recovery From Keystreammentioning
confidence: 99%
“…Indeed, tools such as Aircrack-ng are massively downloaded to provide a good example of weaknesses in cryptography. Finally, the TKIP protocol used by WPA is not much different from WEP (just a patch over WEP), so that attacks on WEP can affect the security of networks using TKIP, as seen in [2,26]. For instance in [26], the authors used exactly the same biases as in WEP to break WPA.…”
Section: Motivationmentioning
confidence: 99%
“…Finally, the TKIP protocol used by WPA is not much different from WEP (just a patch over WEP), so that attacks on WEP can affect the security of networks using TKIP, as seen in [2,26]. For instance in [26], the authors used exactly the same biases as in WEP to break WPA. Hence, gaining a better understanding of the behaviour of these biases may lead to a practical breach of WPA security in future.…”
Section: Motivationmentioning
confidence: 99%
See 1 more Smart Citation