Iterative Probabilistic Cryptanalysis of RC4 Keystream Generator
ACISP '00 Proceedings of the 5th Australasian Conference on Information Security and Privacy
Weaknesses in the Key Scheduling Algorithm of RC4
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Analysis Methods for (Alleged) RCA
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
AES Power Attack Based on Induced Cache Miss and Countermeasure
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
Efficient Reconstruction of RC4 Keys from Internal States
Fast Software Encryption
New State Recovery Attack on RC4
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Leakage-Resilient Cryptography
FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
Speeding up Collision Search for Byte-Oriented Hash Functions
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Belief Propagation: An Asymptotically Optimal Algorithm for the Random Assignment Problem
Mathematics of Operations Research
A Cache Timing Analysis of HC-256
Selected Areas in Cryptography
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Cache Timing Analysis of LFSR-Based Stream Ciphers
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Efficient Cache Attacks on AES, and Countermeasures
Journal of Cryptology
New results on instruction cache attacks
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Discovery and exploitation of new biases in RC4
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Impossible fault analysis of RC4 and differential fault analysis of RC4
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Cache-collision timing attacks against AES
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Hi-index | 0.00 |
In this paper we present an attack that recovers the whole internal state of RC4 using a cache timing attack model first introduced in the cache timing attack of Osvik, Shamir and Tromer against some highly efficient AES implementations. In this model, the adversary can obtain some information related to the elements of a secret state used during the encryption process. Zenner formalized this model for LFSRbased stream ciphers. In this theoretical model inspired from practical attacks, we propose a new state recovery analysis on RC4 using a belief propagation algorithm. The algorithm works well and its soundness is proved for known or unknown plaintext and only requires that the attacker queries the RC4 encryption process byte by byte for a practical attack. Depending on the processor, our simulations show that we need between 300 to 1,300 keystream bytes and a computation time of less than a minute.