55 Hits in 3.6 sec

Proof of Empirical RC4 Biases and New Key Correlations [chapter]

Sourav Sen Gupta, Subhamoy Maitra, Goutam Paul, Santanu Sarkar
2012 Lecture Notes in Computer Science  
In SAC 2010, Sepehrdad, Vaudenay and Vuagnoux have reported some empirical biases between the secret key, the internal state variables and the keystream bytes of RC4, by searching over a space of all linear  ...  This gives rise to the discovery of new keylength-dependent biases of RC4, some as high as 50/N .  ...  The authors would like to thank the anonymous reviewers for their comments and suggestions that helped in polishing the technical and editorial content of this paper.  ... 
doi:10.1007/978-3-642-28496-0_9 fatcat:q4hnfmimhncsrmvdxvudfrgpsm

(Non-)Random Sequences from (Non-)Random Permutations—Analysis of RC4 Stream Cipher

Sourav Sen Gupta, Subhamoy Maitra, Goutam Paul, Santanu Sarkar
2012 Journal of Cryptology  
In the second part of the paper, we present theoretical proofs of some significant initial-round empirical biases observed by Sepehrdad, Vaudenay and Vuagnoux in SAC 2010.  ...  We also investigate for long-term non-randomness in the keystream, and prove a new long-term bias of RC4.  ...  We are sincerely thankful to the anonymous reviewers for their detailed review reports containing invaluable feedback and kind suggestions.  ... 
doi:10.1007/s00145-012-9138-1 fatcat:jc6baa44djbi7ojqsmtxpypr3q

Dependence in IV-Related Bytes of RC4 Key Enhances Vulnerabilities in WPA [chapter]

Sourav Sen Gupta, Subhamoy Maitra, Willi Meier, Goutam Paul, Santanu Sarkar
2015 Lecture Notes in Computer Science  
Further, we revisit the correlation of initial keystream bytes in WPA to the first three bytes of the RC4 key.  ...  The first three bytes of the RC4 key in WPA are public as they are derived from the public parameter IV, and this derivation leads to a strong mutual dependence between the first two bytes of the RC4 key  ...  We are thankful to the anonymous reviewers of FSE 2014 for their detailed review reports containing invaluable feedback, which helped in substantially improving the technical and editorial quality of our  ... 
doi:10.1007/978-3-662-46706-0_18 fatcat:xbashw4gkbeedbsxmyvmgddnmm

Analysis of RC4 and Proposal of Additional Layers for Better Security Margin [chapter]

Subhamoy Maitra, Goutam Paul
2008 Lecture Notes in Computer Science  
Analysis of the modified cipher (we call it RC4 + ) shows that this new strategy avoids existing weaknesses of RC4.  ...  Based on our analysis and the results available in literature regarding the existing weaknesses of RC4, few additional layers over the RC4 KSA and RC4 Pseudo-Random Generation Algorithm (PRGA) are proposed  ...  Alexander Maximov for discussion and valuable comments and Mr. Snehasis Mukherjee, Indian Statistical Institute, Kolkata for his support in the preparation of the graphs.  ... 
doi:10.1007/978-3-540-89754-5_3 fatcat:6qzzycz66zhajdib3ffzxdxj4a

On Reconstruction of RC4 Keys from Internal States [chapter]

Shahram Khazaei, Willi Meier
2008 Lecture Notes in Computer Science  
In this work key recovery algorithms from the known internal states of RC4 are investigated.  ...  In particular, we propose a bit-by-bit approach to recover the key by starting from LSB's of the key bytes and ending with their MSB's.  ...  Very recently, Akgün, Kavak and Demirci [1] have developed new biases for RC4, combined them with previous results and provided a new key recovery algorithm from the internal state.  ... 
doi:10.1007/978-3-540-89994-5_14 fatcat:7m3f4qniyvcbvn2ctwzpla33dy

Smashing WEP in a Passive Attack [chapter]

Pouyan Sepehrdad, Petr Sušil, Serge Vaudenay, Martin Vuagnoux
2014 Lecture Notes in Computer Science  
This was achieved through a huge amount of theoretical and experimental analysis (capturing WiFi packets), refinement and optimisation of all the former known attacks and methodologies against RC4 stream  ...  We believe that our analysis brings on further insight to the security of RC4.  ...  See Chapter 3 of [24] for the proof. The List of Biases for RC4 In this section, we only report RC4 correlations which are exploitable against WEP application.  ... 
doi:10.1007/978-3-662-43933-3_9 fatcat:65oj6h46j5gw5a7nhznf6ikfru

A Practical Attack on Broadcast RC4 [chapter]

Itsik Mantin, Adi Shamir
2002 Lecture Notes in Computer Science  
In this paper we describe a major statistical weakness in RC4, which makes it trivial to distinguish between short outputs of RC4 and random strings by analyzing their second bytes.  ...  This weakness can be used to mount a practical ciphertext-only attack on RC4 in some broadcast applications, in which the same plaintext is sent to multiple recipients under different keys.  ...  Proof: In terms of Theorem 2, p = N −(b+1) and q = N b−a−1 .  ... 
doi:10.1007/3-540-45473-x_13 fatcat:bwrycl555rbfdk7ujnrzwibvve

Weaknesses in the Key Scheduling Algorithm of RC4 [chapter]

Scott Fluhrer, Itsik Mantin, Adi Shamir
2001 Lecture Notes in Computer Science  
We use these weak keys to construct new distinguishers for RC4, and to mount related key attacks with practical complexities.  ...  In this paper we present several weaknesses in the key scheduling algorithm of RC4, and describe their cryptanalytic significance.  ...  This correlation is demonstrated in Figure 8 , where the function h −→ P r[1 ≤ ∀r ≤ h Z r ≡ x r mod 2 q ] (for special 2 q -exact keys) is empirically estimated for n = 8, = 16 and different q's.  ... 
doi:10.1007/3-540-45537-x_1 fatcat:xltzf6dnqffzlnpqkynf5y56fa

MRC4: A Modified RC4 Algorithm using Symmetric Random Function Generator for Improved Cryptographic Features

Rahul Saha, G. Geetha, Gulshan Kumar, Tai-Hoon Kim, William J Buchanan
2019 IEEE Access  
The Rivest Cipher 4 (RC4) has been one of the most popular stream ciphers for providing symmetric key encryption, and is now proposed as an efficient cipher within light-weight cryptography.  ...  Though RC4 uses pseudorandom features with an initialisation vector and a seed value, the use of true randomness in RC4 is novel in this domain.  ...  Empirical correlations among the keystream bytes and the secret key have been studied thoroughly in [18] , and which show that the non-randomness behaviour of RC4 works as a bias and exhibits such relations  ... 
doi:10.1109/access.2019.2956160 fatcat:nf3vnenbafb3tb55zq674egq4a

State of the Art Realistic Cryptographic Approaches for RC4 Symmetric Stream Cipher

Disha Handa, Bhanu Kapoor
2014 International Journal on Computational Science & Applications  
This paper presents an analysis of available hardware/software parallel implementations of RC4 symmetric key-based algorithm and some security approaches which make it more secure.  ...  Several efficient approaches to the implementation of RC4 have been proposed and we review some of those.  ...  Sourav Sen Gupta et al presented "Proof of empirical RC4 biases and new key correlations" [23] .Authors presented the method which is the combination of hardware pipeline and loop unrolling to design  ... 
doi:10.5121/ijcsa.2014.4403 fatcat:kuq6tievtfhnrixs4ijortu63u

Rethinking the Weakness of Stream Ciphers and Its Application to Encrypted Malware Detection

William Stone, Daeyoung Kim, Victor Youdom Kemmoe, Mingon Kang, Junggab Son
2020 IEEE Access  
The bias discovered shows a correlation between the length of the secret key ( ) and theth byte of the keystream.  ...  The authors break WPA-TKIP by using biases that they detect empirically through statistical analysis, allowing them to uncover the TKIP MIC key. B.  ... 
doi:10.1109/access.2020.3030559 fatcat:igrunm33wbdaxdkir7hlinwi7a

It Started with Templates: The Future of Profiling in Side-Channel Analysis [chapter]

Lejla Batina, Milena Djukanovic, Annelie Heuser, Stjepan Picek
2021 Security of Ubiquitous Computing Systems  
We also speculate on the future directions and the best-case consequences for the security of small devices.  ...  In this chapter, we consider the evolution of profiling attacks, and subsequently we discuss the impacts they have made in the data preprocessing, feature engineering, and classification phases.  ...  Still, generation and synchronization of new keys have practical issues.  ... 
doi:10.1007/978-3-030-10591-4_8 fatcat:n55qmriqyjc57kizbtriegkkmu

True Random Number Generators [chapter]

Mario Stipčević, Çetin Kaya Koç
2014 Open Problems in Mathematics and Computational Science  
Finally, we discuss several examples where use of a true RNG is critical and show how it can significantly improve security of cryptographic systems, and  ...  In this chapter we compare weak and strong aspects of the two approaches.  ...  The random bits are produced at the pace of the mode-locked laser. Bits so obtained are biased and somewhat auto-correlated.  ... 
doi:10.1007/978-3-319-10683-0_12 fatcat:5aexv7mcizea7nq33xcga5ezsu

Permutation After RC4 Key Scheduling Reveals the Secret Key [chapter]

Goutam Paul, Subhamoy Maitra
Selected Areas in Cryptography  
Theoretical proofs of these formulae have been left open since Roos's work (1995).  ...  A theoretical analysis of the RC4 Key Scheduling Algorithm (KSA) is presented in this paper, where the nonlinear operation is swapping among the permutation bytes.  ...  Initial empirical works based on the weaknesses of the RC4 KSA were done in [15, 17] and several classes of weak keys had been identified.  ... 
doi:10.1007/978-3-540-77360-3_23 dblp:conf/sacrypt/PaulM07 fatcat:ykcdepo7nrhwrkwetyhehqblou

On Non-randomness of the Permutation After RC4 Key Scheduling [chapter]

Goutam Paul, Subhamoy Maitra, Rohit Srivastava
Applied Algebra, Algebraic Algorithms and Error-Correcting Codes  
Here we study a weakness of the RC4 Key Scheduling Algorithm (KSA) that has already been noted by Mantin and Mironov.  ...  These biases are independent of the secret key and thus present an evidence that the permutation after the KSA can be distinguished from random permutation without any assumption on the secret key.  ...  Acknowledgments: We thank the anonymous reviewers for detailed comments that improved editorial as well as technical presentation of this paper.  ... 
doi:10.1007/978-3-540-77224-8_14 dblp:conf/aaecc/PaulMS07 fatcat:6euensi3c5hu7kfevlqcsrgw3e
« Previous Showing results 1 — 15 out of 55 results