Statistical Attack on RC4

Sepehrdad, Pouyan; Vaudenay, Serge; Vuagnoux, Martin

doi:10.1007/978-3-642-20465-4_20

Cited by 27 publications

(32 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As reported in the literature the adversary attack the WEP protocol by recovering the secret key K from the known values of IV (initialization vector) and known values of the RC4 keystream bytes found from the plaintext and ciphertext pairs. [31][32][33], and Shepehrdad, Susil, Vaudenay and Vuagnoux (SSVV) attack [34], WEP was declared as an insecure protocol. Later it is replaced by WPA (Wi-Fi protected access) which also make use of RC4 as its core element.…”

Section: Key Recovery From Keystreammentioning

confidence: 99%

See 1 more Smart Citation

A Survey on RC4 Stream Cipher

Jindal

Singh²

2015

IJCNIS

View full text Add to dashboard Cite

Abstract-RC4 is one of the most widely used stream cipher due to its simplicity, speed and efficiency. In this paper we have presented a chronological survey of RC4 stream cipher demonstrating its weaknesses followed by the various RC4 enhancements from the literature. From the recently observed cryptanalytic attempts on RC4 it is established that innovative research efforts are required to develop secure RC4 algorithm, which can remove the weaknesses of RC4, such as biased bytes, key collisions, and key recovery attacks specifically on WEP and WPA. These flaws in RC4 are offering open challenge for developers. Hence our chronological survey corroborates the fact that even though researchers are working on RC4 stream cipher since last two decades, it still offers a plethora of research issues related to statistical weaknesses in either state or keystream.

show abstract

Section: Key Recovery From Keystreammentioning

confidence: 99%

“…WPA defended against many attacks in WEP. WPA has again proved to be a weak protocol due to TB data injection attacks [30], and SVV attacks [33]. Further a new protocol WPA2 was proposed by the Wi-Fi alliance which uses AES block cipher as an encryption algorithm instead of RC4.…”

Section: Key Recovery From Keystreammentioning

confidence: 99%

A Survey on RC4 Stream Cipher

Jindal

Singh²

2015

IJCNIS

View full text Add to dashboard Cite

show abstract

“…Indeed, tools such as Aircrack-ng are massively downloaded to provide a good example of weaknesses in cryptography. Finally, the TKIP protocol used by WPA is not much different from WEP (just a patch over WEP), so that attacks on WEP can affect the security of networks using TKIP, as seen in [2,26]. For instance in [26], the authors used exactly the same biases as in WEP to break WPA.…”

Section: Motivationmentioning

confidence: 99%

“…Finally, the TKIP protocol used by WPA is not much different from WEP (just a patch over WEP), so that attacks on WEP can affect the security of networks using TKIP, as seen in [2,26]. For instance in [26], the authors used exactly the same biases as in WEP to break WPA. Hence, gaining a better understanding of the behaviour of these biases may lead to a practical breach of WPA security in future.…”

Section: Motivationmentioning

confidence: 99%

See 1 more Smart Citation

Smashing WEP in a Passive Attack

Sepehrdad

Sušil

Vaudenay

et al. 2014

Fast Software Encryption

Self Cite

View full text Add to dashboard Cite

Abstract. In this paper, we report extremely fast and optimised active and passive attacks against the old IEEE 802.11 wireless communication protocol WEP. This was achieved through a huge amount of theoretical and experimental analysis (capturing WiFi packets), refinement and optimisation of all the former known attacks and methodologies against RC4 stream cipher in WEP mode. We support all our claims by providing an implementation of this attack as a publicly available patch on Aircrack-ng. Our new attacks improve its success probability drastically. We adapt our theoretical analysis in Eurocrypt 2011 to real-world scenarios and we perform a slight adjustment to match the empirical observations. Our active attack, based on ARP injection, requires 22 500 packets to gain success probability of 50% against a 104-bit WEP key, using Aircrack-ng in non-interactive mode. It runs in less than 5 seconds on an off-the-shelf PC. Using the same number of packets, Aicrack-ng yields around 3% success rate. Furthermore, we describe very fast passive only attacks by just eavesdropping TCP/IPv4 packets in a WiFi communication. Our passive attack requires 27 500 packets. This is much less than the number of packets Aircrack-ng requires in active mode (around 37 500), which is a huge improvement. We believe that our analysis brings on further insight to the security of RC4.

show abstract

RC4: Non-randomness in the Index j and Some Results on Its Cycles

Chakraborty

Maitra

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Statistical Attack on RC4

Cited by 27 publications

References 24 publications

A Survey on RC4 Stream Cipher

A Survey on RC4 Stream Cipher

Smashing WEP in a Passive Attack

RC4: Non-randomness in the Index j and Some Results on Its Cycles

Contact Info

Product

Resources

About