Passive-Only Key Recovery Attacks on RC4
We present several weaknesses in the key scheduling algorithm of RC4 when the secret key contains an initialization vector - a cryptographic scheme typically used by the WEP and WPA protocols to protect IEEE 802.11 wireless communications. First, we show how the previously discovered key recovery attacks can be improved by reducing the dependency between the secret key bytes. Then, we describe two new weaknesses related to the modulo operation of the key scheduling algorithm. Finally, we describe a passive-only attack able to significantly improve the key recovery process on WEP with a data complexity of 2^15 eavesdropped packets.