Abstract
RC4, designed by Rivest, is widely used including WPA, which is one of the security protocols for IEEE 802.11 wireless standard. The first 3-byte RC4 keys in WPA generated by IV are known since IV can be obtained by observing a packet. In 2014, Sen Gupta et al. found linear correlations between the keystream byte and known RC4 key bytes. In 2015, Our previous work extended linear correlations to include unknown internal states as well as the keystream byte and known RC4 key bytes. They found more than 150 linear correlations experimentally, and proved only 6 cases theoretically. In this paper, we will provide theoretical proof of 15 cases out of their unproven linear correlations. These theoretical results demonstrated how TKIP key generation procedure in WPA induces biases on internal states different from generic RC4.
A. Miyaji—Supported by the project “The Security infrastructure Technology for Integrated Utilization of Big Data” of Japan Science and Technology Agency CREST.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Das, A., Maitra, S., Paul, G., Sarkar, S.: Some Combinatorial Results towards State Recovery Attack on RC4. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2011. LNCS, vol. 7093, pp. 204–214. Springer, Heidelberg (2011)
Fluhrer, S.R., Mantin, I., Shamir, A.: Weaknesses in the Key Scheduling Algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)
Sen Gupta, S., Maitra, S., Meier, W., Paul, G., Sarkar, S.: Dependence in IV-Related Bytes of RC4 Key Enhances Vulnerabilities in WPA. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 350–369. Springer, Heidelberg (2015)
Isobe, T., Ohigashi, T., Watanabe, Y., Morii, M.: Full Plaintext Recovery Attack on Broadcast RC4. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 179–202. Springer, Heidelberg (2014)
Ito, R., Miyaji, A.: New Linear Correlations related to State Information of RC4 PRGA using IV in WPA. In: Fast Software Encryption, FSE 2015 (to appear, 2015)
Knudsen, L.R., Meier, W., Preneel, B., Rijmen, V., Verdoolaege, S.: Analysis Methods for (Alleged) RC4. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 327–341. Springer, Heidelberg (1998)
Mantin, I.: Analysis of the Stream Cipher RC4. Master’s thesis, The Weizmann Institute of Science, Israel (2001). http://www.wisdom.weizmann.ac.il/itsik/RC4/rc4.html
Mantin, I., Shamir, A.: Practical Attack on Broadcast RC4. In: Matsui, M. (ed.) Fast Software Encryption - FSE 2001. LNCS, vol. 2355, pp. 152–164. Springer, Berlin Heidelberg (2002)
Maximov, A., Khovratovich, D.: New State Recovery Attack on RC4. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 297–316. Springer, Heidelberg (2008)
Paul, G., Maitra, S.: Permutation After RC4 Key Scheduling Reveals the Secret Key. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 360–377. Springer, Heidelberg (2007)
Roos, A.: A class of weak keys in the RC4 stream cipher. Posts in sci.crypt. http://marcel.wanda.ch/Archive/WeakKeys (1995)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Ito, R., Miyaji, A. (2015). How TKIP Induces Biases of Internal States of Generic RC4. In: Foo, E., Stebila, D. (eds) Information Security and Privacy. ACISP 2015. Lecture Notes in Computer Science(), vol 9144. Springer, Cham. https://doi.org/10.1007/978-3-319-19962-7_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-19962-7_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19961-0
Online ISBN: 978-3-319-19962-7
eBook Packages: Computer ScienceComputer Science (R0)