New Weakness in the Key-Scheduling Algorithm of RC4

Ohigashi, Toshihiro; Shiraishi, Yoshiaki; Morii, Masakatu

doi:10.1093/ietfec/e91-a.1.3

Cited by 8 publications

(2 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We can read it is a chosen plain text attack. The FMS attack has been extended to use more weak IV classes by several researchers [4]- [7]. Tews, Weinmann, and Pyshkin have proposed a key recovery attack against WEP without using any weak IV in 2007 (called the PTW attack [8]).…”

Section: Introductionmentioning

confidence: 99%

Cryptanalysis for RC4 and Breaking WEP/WPA-TKIP

Morii

Todo

2011

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYIn recent years, wireless LAN systems are widely used in campuses, offices, homes and so on. It is important to discuss the security aspect of wireless LAN networks in order to protect data confidentiality and integrity. The IEEE Standards Association formulated some security protocols, for example, Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access Temporal Key Integrity Protocol (WPA-TKIP). However, these protocols have vulnerability for secure communication. In 2008, we proposed an efffective key recovery attack against WEP and it is called the TeAM-OK attack. In this paper, first, we present a different interpretation and the relation between other attacks and the TeAM-OK attack against WEP. Second, we present some existing attacks against WPA-TKIP and these attacks are not executable in a realistic environment. Then we propose an attack that is executable in a realistic environment against WPA-TKIP. This attack exploits the vulnerability implementation in the QoS packet processing feature of IEEE 802.11e. The receiver receives a falsification packet constructed as part of attack regardless of the setting of IEEE 802.11e. This vulnerability removes the attacker's condition that access points support IEEE 802.11e. We confirm that almost all wireless LAN implementations have this vulnerability. Therefore, almost all WPA-TKIP implementations cannot protect a system against the falsification attack in a realistic environment.

show abstract

Section: Introductionmentioning

confidence: 99%

Cryptanalysis for RC4 and Breaking WEP/WPA-TKIP

Morii

Todo

2011

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

show abstract

“…a) E-mail: teramura@stu.kobe-u.ac.jp DOI: 10.1587/transfun.E94.A. 10 ing Algorithm (KSA) was finished (called initial state) [17]- [20]. They used the relational equations between an initial state and a secret key for these attacks.…”

Section: Introductionmentioning

confidence: 99%

Generalized Classes of Weak Keys on RC4 Using Predictive State

Teramura

Ohigashi

Kuwakado

et al. 2011

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

Conventional class of weak keys on RC4 stream cipher is defined as a specific case that combinations of the first three bytes of secret key satisfy two relational equations. This paper expands and generalizes the classes of weak keys using generalized relational equations and special classes of the internal state (called predictive state). We derive the probability that generalized classes of weak keys leak the information of bytes of the secret key. Furthermore, we enumerate the generalized classes of weak keys and show that most of them leak more information of the secret key than Roos' one.

show abstract

KSAm – An Improved RC4 Key-Scheduling Algorithm for Securing WEP

Crainicu

Boian

2009

Novel Algorithms and Techniques in Telecommunications and Networking

View full text Add to dashboard Cite

New Weakness in the Key-Scheduling Algorithm of RC4

Cited by 8 publications

References 17 publications

Cryptanalysis for RC4 and Breaking WEP/WPA-TKIP

Cryptanalysis for RC4 and Breaking WEP/WPA-TKIP

Generalized Classes of Weak Keys on RC4 Using Predictive State

KSAm – An Improved RC4 Key-Scheduling Algorithm for Securing WEP

Contact Info

Product

Resources

About