Weaknesses in the Key Scheduling Algorithm of RC4
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Statistical Analysis of the Alleged RC4 Keystream Generator
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
A Practical Attack on Broadcast RC4
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Attacks on the RC4 stream cipher
Designs, Codes and Cryptography
Efficient Reconstruction of RC4 Keys from Internal States
Fast Software Encryption
New Results on the Key Scheduling Algorithm of RC4
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Key Collisions of the RC4 Stream Cipher
Fast Software Encryption
Linear statistical weakness of alleged RC4 keystream generator
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Passive-only key recovery attacks on RC4
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Permutation after RC4 key scheduling reveals the secret key
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Breaking 104 Bit WEP in less than 60 seconds
WISA'07 Proceedings of the 8th international conference on Information security applications
Generalized RC4 key collisions and hash collisions
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Predicting and distinguishing attacks on RC4 keystream generator
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A new class of RC4 colliding key pairs with greater hamming distance
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
How to find short RC4 colliding key pairs
ISC'11 Proceedings of the 14th international conference on Information security
Hi-index | 0.00 |
A new key recovery attack under related-key model on RC4 is presented in this paper. This novel attack is based on the property that RC4 can generate a large amount of colliding key pairs. By making use of this property, we are able to recover any random key in practical time when the length of the key is large under a new proposed related key model. Differing from the attack against WEP, neither the knowledge of the IVs nor the keystream outputs are required. Also compared with some recent key recovery attacks, which assume that the attacker knows the S-Box after KSA algorithm and can only recover very short keys (5 bytes) efficiently, our attack works very well for keys with larger size. We give the theoretical proof for the complexity of our attack which matches with the experimental result very well. An 86-byte random secret key can be recovered in about 21.2 hours time by using a standard desktop PC. This novel attack provides us with another theoretical approach to attack WPA and WEP. Remark that our model can be used for more efficient key recovering if any new key collisions can be further discovered in the future.