Filters








75 Hits in 5.3 sec

Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS

Christina Garman, Kenneth G. Paterson, Thyla van der Merwe
2015 USENIX Security Symposium  
Our work validates the truism that attacks only get better with time: we obtain good success rates in recovering user passwords with 2 26 encryptions, whereas the previous generation of attacks required  ...  We provide new attacks against RC4 in TLS that are focussed on recovering user passwords, still the pre-eminent means of user authentication on the Internet today.  ...  rein on a 512-core system for the 4800 coredays necessary to perform our double-byte keystream distribution estimates, while resources from Google and Ruhr Universität Bochum were used to conduct our attack  ... 
dblp:conf/uss/GarmanPM15 fatcat:tlv47cctlvgfrnywd7wgsnw5g4

On the Security of RC4 in TLS

Nadhem J. AlFardan, Daniel J. Bernstein, Kenneth G. Paterson, Bertram Poettering, Jacob C. N. Schuldt
2013 USENIX Security Symposium  
In this paper, we present ciphertext-only plaintext recovery attacks against TLS when RC4 is selected for encryption.  ...  Our attacks build on recent advances in the statistical analysis of RC4, and on new findings announced in this paper.  ...  Acknowledgements We thank David McGrew for raising the question of the security of RC4 in TLS.  ... 
dblp:conf/uss/AlFardanBPPS13 fatcat:i6hzgcx3xrdlhkvrvsfmvx4sqe

Improved Secure Stream Cipher for Cloud Computing

Sergiy Gnatyuk, Maksim Iavich, Vasyl Kinzeryavyy, Tetyana Okhrimenko, Yuliia Burmak, Iuliia Goncharenko
2020 International Conference on Information and Communication Technologies in Education, Research, and Industrial Applications  
The main disadvantage of cipher RC4-128, which is used in this cloud service, is identified. After this improved stream cipher based on RC4-128 has been developed.  ...  Besides that, in this work Google Drіve work scheme and data protection in the cloud service were presented.  ...  Analyzing the results, it can be conclude that the software implementation of the improved stream cipher passed complex control according to the NIST STS technique and showed better results than RC4-128  ... 
dblp:conf/icteri/GnatyukIKOBG20 fatcat:hauvdx37yzh47hqzl2xcdtu6qy

Analysis and Study of Network Security at Transport Layer

Hiren Parmar, Atul Gosai
2015 International Journal of Computer Applications  
In other word, "security needs continuous improvement for better security".  ...  Major security issues at presents are various kinds of man-in-themiddle (MITM) attacks, authentication related attacks, Distributed Denial of Service (DDoS) attacks and security association related attacks  ...  Where as in the MITM attack changes the content of the message before sending it on, a reply attack only saves the message and then sends it later against [19] .  ... 
doi:10.5120/21604-4716 fatcat:qjmdulgc5vfnfbaczpewrcft6q

On the Practical (In-)Security of 64-bit Block Ciphers

Karthikeyan Bhargavan, Gaëtan Leurent
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
This complexity is comparable to the recent RC4 attacks on TLS: the only fully implemented attack takes 75 hours.  ...  such as TLS, SSH, and IPsec.  ...  Plaintext recovery attack against CBC The CBC mode is one of the oldest encryption modes, and still widely used.  ... 
doi:10.1145/2976749.2978423 dblp:conf/ccs/BhargavanL16 fatcat:kino5nznhraotkqplutqasjtyi

Plaintext Recovery Attacks Against WPA/TKIP [chapter]

Kenneth G. Paterson, Bertram Poettering, Jacob C. N. Schuldt
2015 Lecture Notes in Computer Science  
We conduct an analysis of the RC4 algorithm as it is used in the IEEE WPA/TKIP wireless standard.  ...  These biases permit us to mount an effective statistical, plaintext-recovering attack in the situation where the same plaintext is encrypted in many different frames (the so-called "broadcast attack" setting  ...  Examples of the former were already used in keystream recovery attacks against TKIP, as a prelude to MIC key recovery and frame injection attacks -see, for example, [20, 23] .  ... 
doi:10.1007/978-3-662-46706-0_17 fatcat:ilgc2xoekndrjdktfsmuojuedm

TLS hardening [article]

Emmanuel Dreyfus
2014 arXiv   pre-print
Protocols known as secure will be cracked and will be replaced with better versions.  ...  Fortunately we will see that there are ways to assess the current security of your setup, but this explains why you may have to read further from this document to get the up to date knowledge on TLS security  ...  On the other hand, there is no way to defend against attacks on RC4, and they are likely to get more efficient at times goes.  ... 
arXiv:1407.2168v1 fatcat:xsuvdqcjhbhxnp4vvlm7g32cfe

On the Practical (In-)Security of 64-bit Block Ciphers: Collision Attacks on HTTP over TLS and OpenVPN [article]

Karthikeyan Bhargavan, Gaëtan Leurent
2016 IACR Cryptology ePrint Archive  
This complexity is comparable to the recent RC4 attacks on TLS: the only fully implemented attack takes 75 hours.  ...  such as TLS, SSH, and IPsec.  ...  [19] improved the first attack to require only 2 26 sessions when targeting a BasicAuth password, using a better guessing strategy; • the latest attack by Vanhoef and Piessens [32] requires 2 30.2  ... 
dblp:journals/iacr/BhargavanL16 fatcat:ighusk3rjjhnvd2j3mp5lirbna

Statistical attacks on cookie masking for RC4

Kenneth G. Paterson, Jacob C. N. Schuldt
2018 Cryptography and Communications  
We show that, in fact, both are vulnerable to variants of the known attacks against RC4 in SSL/TLS exploiting the Mantin biases (Mantin, EUROCRYPT 2005): -For the TLS Scramble mechanism, we provide a detailed  ...  Taken together, our analyses show that the cookie masking mechanisms as proposed by Levillain et al. only moderately increase the security of RC4 in SSL/TLS.  ...  Schuldt was supported in part by JSPS KAKENHI Grant Number 15K16006.  ... 
doi:10.1007/s12095-018-0280-y fatcat:lc4ghdssqbayxmseg3f72eoz2u

Increasing Robustness of RC4 Family for Automated Selection of Ciphersuites

Arun Kumar Singh, Shefalika Ghosh Samaddar, Swagat Ranjan Sahoo, Glitto Mathew
2012 Procedia Engineering  
This analysis shows that, the full-size RC4 remains secure against known attacks [2] . The family of algorithm considered here is based on RC4.  ...  The basic RC4 algorithm and its variants suggested by different authors like RC4 KSA [3], RC4-PRGA are included in the family.  ...  A new algorithm RC4A [10] , based on RC4's exchange shuttle model, offers increased resistance against most attacks that apply to RC4.  ... 
doi:10.1016/j.proeng.2012.01.832 fatcat:l4s67iwlizfqfplwi5fd6w275i

A Review on Wireless Network Security [chapter]

Sandeep Sharma, Rajesh Mishra, Karan Singh
2013 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
Therefore, many researchers are working in this hot area to secure the wireless communication. In this paper, we discuss the WEP, WPA, WPA2 and the RSA protocols and give the comparative study.  ...  Generally the wireless is mostly adopted technology by us due to various advantages like ease of installation, mobility, reconfigure ability, low infrastructural cost etc. but suffers from more attacks  ...  In this paper an overview and comparison of the WEP, WPA and RSA is given as a comparative chart which shows that RSA perform better than the WEP and WPA.  ... 
doi:10.1007/978-3-642-37949-9_58 fatcat:bjodudxaofad5giwyw5wim2zry

Reactive and Proactive Standardisation of TLS [chapter]

Kenneth G. Paterson, Thyla van der Merwe
2016 Lecture Notes in Computer Science  
In the development of TLS 1.3, the IETF TLS Working Group has adopted an "analysis-prior-to-deployment" design philosophy. This is in sharp contrast to all previous versions of the protocol.  ...  In an attempt to place TLS within the broader realm of standardisation, we perform a comparative analysis of standardisation models and discuss the standardisation of TLS within this context.  ...  London, and in part by EPSRC grant EP/M013472/1.  ... 
doi:10.1007/978-3-319-49100-4_7 fatcat:33ngau3bv5a5lb3purmdqqtmxe

SoK: Lessons Learned from SSL/TLS Attacks [chapter]

Christopher Meyer, Jörg Schwenk
2014 Lecture Notes in Computer Science  
This paper presents an overview on theoretical and practical attacks of the last 17 years, in chronological order and four categories: Attacks on the Handshake protocol, on the Record and Application Data  ...  Since its introduction in 1994 the Secure Socket Layer (SSL) protocol (later renamed to Transport Layer Security (TLS)) evolved to the de facto standard for securing the transport layer.  ...  The attack enables plaintext recovery against TLS and DTLS by exploiting the already discussed MAC-then-PAD-then-Encrypt design of the protocols.  ... 
doi:10.1007/978-3-319-05149-9_12 fatcat:u2hn3qqjzzbobmsm4h3tiibdl4

Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys

Mathy Vanhoef, Frank Piessens
2016 USENIX Security Symposium  
Here we discover a downgrade attack that forces usage of RC4 to encrypt the group key when transmitted in the 4-way handshake.  ...  We study this peculiar usage of RC4, and find that capturing 2 31 handshakes can be sufficient to recover (i.e., decrypt) a 128-bit group key.  ...  We now use the IV-dependent biases to recover repeated plaintext, in order to get an indication of how well a plaintext recovery attack works against the 4-way handshake.  ... 
dblp:conf/uss/VanhoefP16 fatcat:upa2zwpb4rdm5dnoa5doeoku5i

Lucky 13 Strikes Back

Gorka Irazoqui, Mehmet Sinan Inci, Thomas Eisenbarth, Berk Sunar
2015 Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS '15  
Our version of the attack exploits distinguishable cache access times enabled by VM deduplication to detect dummy function calls that only happen in case of an incorrectly CBC-padded TLS packet.  ...  In this work we show how the Lucky 13 attack can be resurrected in the cloud by gaining access to a virtual machine co-located with the target.  ...  The BEAST chosen plaintext attack (Browser Exploit Against SSL/TLS) [15] exploited a long-known cipher block chaining (CBC) mode IV vulnerability in TLS 1.0 [25] to achieve full plaintext recovery.  ... 
doi:10.1145/2714576.2714625 dblp:conf/ccs/ApececheaIES15 fatcat:wdfl4jazofas7j5vp2chs7jjcq
« Previous Showing results 1 — 15 out of 75 results