Passive-Only Key Recovery Attacks on RC4

We present several weaknesses in the key scheduling algorithm of RC4 when the secret key contains an initialization vector - a cryptographic scheme typically used by the WEP and WPA protocols to protect IEEE 802.11 wireless communications. First, we show how the previously discovered key recovery attacks can be improved by reducing the dependency between the secret key bytes. Then, we describe two new weaknesses related to the modulo operation of the key scheduling algorithm. Finally, we describe a passive-only attack able to significantly improve the key recovery process on WEP with a data complexity of 2<sup>15</sup> eavesdropped packets.


Published in:
SAC 2007, 344-359
Presented at:
SAC 2007, Ottawa, Canada
Year:
2007
Publisher:
None, Springer
Laboratories:




 Record created 2008-01-07, last modified 2018-03-17

n/a:
Download fulltext
PDF

Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)