Statistical Attack on RC4: Distinguishing WPA

Sepehrdad, Pouyan; Vaudenay, Serge; Vuagnoux, Martin

Presented at: EUROCRYPT 2011, Tallinn, Estonia, May 15-19, 2011
Published in: Advances in Cryptology – EUROCRYPT 2011, vol. 6632, p. 343-363
Series: Lecture Notes in Computer Science 6632
Springer, 2011

In this paper we construct several tools for manipulating pools of biases in the analysis of RC4. Then, we show that optimized strategies can break WEP based on 4000 packets by assuming that the first bytes of plaintext are known for each packet. We describe similar attacks for WPA. Firstly, we describe a distinguisher for WPA of complexity 2^43 and advantage 0.5 which uses 2^40 packets. Then, based on several partial temporary key recovery attacks, we recover the full 128-bit temporary key by using 2^38 packets. It works within a complexity of 2^96. So far, this is the best attack against WPA. We believe that our analysis brings further insights on the security of RC4.

Keywords: Secret Key ; Keystream Generator ; Stream Cipher ; Permutation ; Weakness ; Bytes ; State ; Bias

Reference

EPFL-CONF-165984
View record in Web of Science

Record created on 2011-05-21, modified on 2012-11-08

Fulltext

wpa-e11proc2 (pdf, 173 KiB)

Contacts

Security and Cryptography Laboratory

Prospective students portal

Students portal

Researchers portal

Staff portal

Business portal

Mediacorner

Teaching portal

Alumni Portal

Architecture, Civil and Environmental Engineering ENAC

Basic Sciences SB

Engineering STI

Computer & Communication Sciences I&C

Life Sciences SV

Management of Technology CDM

College of Humanities CDH

EPFL

Education

Research

Innovation & Tech Transfer

International portal

Statistical Attack on RC4: Distinguishing WPA

Reference

Fulltext

Contacts

EPFL authors