Proving TLS-attack related open biases of RC4

Santanu Sarkar, Sourav Sen Gupta, Goutam Paul, Subhamoy Maitra
2014 Designs, Codes and Cryptography  
They ran extensive computations to identify significant short-term single-byte keystream biases of RC4, and utilized that knowledge in the attack.  ...  In this connection, we prove the anomaly in S0[128] = 127, a problem open for more than a decade.  ...  Conclusion We have proved almost all open short-term single-byte biases that have been exploited in the recent TLS attack [1, 3].  ... 
doi:10.1007/s10623-014-0003-0 fatcat:sv3jgxgk5raaza2ls23damykgu

RC4 Encryption-A Literature Survey

Poonam Jindal, Brahmjit Singh
2015 Procedia Computer Science  
It is established that innovative research efforts are required to develop secure RC4 algorithm, which can remove the weaknesses of RC4, such as biased bytes, key collisions, and key recovery attacks on  ...  These flaws in RC4 are still offering an open challenge for developers.  ...  However, in spite of so many proposals on RC4, many open issues related to the searches of more biases, key collisions in keystream, and key recovery attack on WPA exists on RC4 till date.  ... 
doi:10.1016/j.procs.2015.02.129 fatcat:3eheztbbh5hwtp6al2am74zq34

A Survey on RC4 Stream Cipher

Poonam Jindal, Brahmjit Singh
2015 International Journal of Computer Network and Information Security  
biased bytes, key collisions, and key recovery attacks specifically on WEP and WPA.  ...  These flaws in RC4 are offering open challenge for developers.  ...  Further in spite of all the developments reported in the literature, there are still many open research challenges and issues related to searches of more biases, key collisions in keystream, and key recovery  ... 
doi:10.5815/ijcnis.2015.07.05 fatcat:qksutfja6behxmg7ycsq3fea3e

Developing RC4 Algorithm Using S-Box of Advanced Encryption Standard Cipher

Ali M. Sagheer et al.
2018 International Journal of Computing and Digital Systems  
This paper obtains a new algorithm that combines the efficiency of the RC4 and robustness of AES.  ...  RC4 stream cipher is one of the most significant symmetric cryptosystems, it is simple and used in many commercial products.  ...  The modern researches proved that you can practically utilize single and double byte biases for RC4 to acquire any part of the Internet traffic, depending on TLS (Transport Layer Security) with RC4 option  ... 
doi:10.12785/ijcds/070404 fatcat:qlpdlh6pmzecpcfcpwdxb54pse

TLS Record Protocol

Olivier Levillain, Baptiste Gourdin, Hervé Debar
2015 Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS '15  
TLS and its main application HTTPS are an essential part of internet security. Since 2011, several attacks against the TLS Record protocol have been presented.  ...  All the proofs of concept targeted HTTPS and relied on the repetition of some secret element inside the TLS tunnel.  ...  Concerning RC4, it can be noted that other known biases exist and are related to distinct distant groups of keystream bytes.  ... 
doi:10.1145/2714576.2714592 dblp:conf/ccs/LevillainGD15 fatcat:6vmoxcb7qjerlnucuojumhedca

Dependence in IV-Related Bytes of RC4 Key Enhances Vulnerabilities in WPA [chapter]

Sourav Sen Gupta, Subhamoy Maitra, Willi Meier, Goutam Paul, Santanu Sarkar
2015 Lecture Notes in Computer Science  
Motivated by the work of AlFardan et al. (2013), we first prove the interesting sawtooth distribution of the first byte in WPA and the similar nature for the biases in the initial keystream bytes towards  ...  In this paper, we provide a disciplined study of RC4 biases resulting specifically in such a scenario.  ...  We are thankful to the anonymous reviewers of FSE 2014 for their detailed review reports containing invaluable feedback, which helped in substantially improving the technical and editorial quality of our  ... 
doi:10.1007/978-3-662-46706-0_18 fatcat:xbashw4gkbeedbsxmyvmgddnmm

Design and Implementation of Secure Stream Cipher Algorithm

Ali M. Sagheer et al.
2018 International Journal of Computing and Digital Systems  
Thus, the byte analysis makes it probable for attacking RC4 in some methods of operations.  ...  The initial few bytes of keystream that are generated by pseudo random generation algorithm (PRGA) are biased to several bytes of the private key.  ...  The proposed algorithm doesn't produce anyone of single byte biases and double byte biases while RC4 proved the same single and double bias that was shown previously.  ... 
doi:10.12785/ijcds/070301 fatcat:xtzj3zthcjabxhyzmaup564r7m

Full Plaintext Recovery Attack on Broadcast RC4 [chapter]

Takanori Isobe, Toshihiro Ohigashi, Yuhei Watanabe, Masakatu Morii
2014 Lecture Notes in Computer Science  
Although the broadcast attacks were theoretically estimated, we find that three questions are still open in terms of a practical security of broadcast RC4.  ...  Key words: RC4, broadcast setting, plaintext recovery attack, bias, experimentally-verified attack, SSL/TLS, multi-session setting RC4, designed by Rivest in 1987, is one of most widely used stream ciphers  ...  This work was supported in part by Grant-in-Aid for Scientific Research (C) (KAKENHI 23560455) for Japan Society for the Promotion of Science and Cryptography Research and Evaluation Committee (CRYPTREC  ... 
doi:10.1007/978-3-662-43933-3_10 fatcat:eemv7yxxerdzfmivpo4fkz6fiy

Some New Weaknesses in the RC4 Stream Cipher [chapter]

Jing Lv, Bin Zhang, Dongdai Lin
2014 Lecture Notes in Computer Science  
Keywords: RC4 · Broadcast RC4 · Ciphertext only attack · Distinguishing attack · State recovery attack.  ...  This bias immediately provide distinguisher for RC4, and ciphertext only attack on broadcast RC4.  ...  We give our theoretical proof of the open problem in [10] in Sect. 3, what's more, the corresponding distinguishing attack and ciphertext only attack were presented.  ... 
doi:10.1007/978-3-319-05149-9_2 fatcat:zr7ctdt6irclxhiuxzrablvvtq

New Linear Correlations Related to State Information of RC4 PRGA Using IV in WPA [chapter]

Ryoma Ito, Atsuko Miyaji
2015 Lecture Notes in Computer Science  
In FSE 2014, two different attacks against WPA were proposed by Sen Gupta et al. and Paterson et al. Both focused correlations between the keystream bytes and the first 3 bytes of the RC4 key in WPA.  ...  In this paper, we focus on linear correlations between unknown internal state and the first 3 bytes of the RC4 key in both generic RC4 and WPA, where the first 3 bytes of the RC4 key is known in WPA.  ...  attacks against RC4.  ... 
doi:10.1007/978-3-662-48116-5_27 fatcat:esya5bho5nawrhzkq56bsltvyy

Smashing WEP in a Passive Attack [chapter]

Pouyan Sepehrdad, Petr Sušil, Serge Vaudenay, Martin Vuagnoux
2014 Lecture Notes in Computer Science  
This was achieved through a huge amount of theoretical and experimental analysis (capturing WiFi packets), refinement and optimisation of all the former known attacks and methodologies against RC4 stream  ...  We believe that our analysis brings on further insight to the security of RC4.  ...  Moreover, the new analysis and biases presented in this paper are related to RC4, which is the most popular stream cipher in the history of symmetric key cryptography.  ... 
doi:10.1007/978-3-662-43933-3_9 fatcat:65oj6h46j5gw5a7nhznf6ikfru

Reactive and Proactive Standardisation of TLS [chapter]

Kenneth G. Paterson, Thyla van der Merwe
2016 Lecture Notes in Computer Science  
In an attempt to place TLS within the broader realm of standardisation, we perform a comparative analysis of standardisation models and discuss the standardisation of TLS within this context.  ...  In the development of TLS 1.3, the IETF TLS Working Group has adopted an "analysis-prior-to-deployment" design philosophy. This is in sharp contrast to all previous versions of the protocol.  ...  Van der Merwe was supported by the EPSRC as part of the Centre for Doctoral Training in Cyber Security at Royal Holloway, University of London.  ... 
doi:10.1007/978-3-319-49100-4_7 fatcat:33ngau3bv5a5lb3purmdqqtmxe

Breaking and Fixing the Self Encryption Scheme for Data Security in Mobile Devices

Paolo Gasti, Yu Chen
2010 2010 18th Euromicro Conference on Parallel, Distributed and Network-based Processing  
Through real-world measurements on top of the iPhone platform, we verified the effectiveness of our proposal.  ...  This paper presents the detailed analysis of the weaknesses of SE scheme and proposes a solution to remove the flaws in SE.  ...  For one, the first few bytes of its output are known to be biased [21]. Therefore, when RC4 is used, the first 128 or so bytes of its output should be discarded.  ... 
doi:10.1109/pdp.2010.13 dblp:conf/pdp/GastiC10 fatcat:2mg3oqrouzeodl3zjyqzcy6ko4

A Secure Energy-saving Communication and Encrypted Storage Model Based on RC4 for EHR

Jinquan Zhang, Haoran Liu, Lina Ni
2020 IEEE Access  
center and the user, and resists the Man-in-the-middle attack.  ...  Aiming at the characteristics of large repetition and high sensitivity of medical data, we present a secure data storage algorithm MedSecrecy based on Huffman compression and RC4.  ...  proposed an open function handshake protocol based on improved ECDH, which is more lightweight than TLS and SSL.  ... 
doi:10.1109/access.2020.2975208 fatcat:imwx3lnmuncqthzvo6i72cmvfe

Adaptive Multi-Connection DASH Scalable Video Coding for Wireless Area Networks

Samar Ali et al.
2018 International Journal of Computing and Digital Systems  
This paper obtains a new algorithm that combines the efficiency of the RC4 and robustness of AES.  ...  Additionally, the developed algorithm is robust against most attacks, such as distinguishing attack and can be used in different protocols such as Secure Sockets Layer (SSL) Protocol, Oracle Secure SQL  ...  ACKNOWLEDGMENT The authors acknowledge the support of Zewail City of Science and Technology -Cairo -Egypt and Southern University and A&M College -Baton Rouge -USA for their support to finalize this work  ... 
doi:10.12785/ijcds/070401 fatcat:npi4a2vr7zczrcooum2ukw2fxq