On the security of RC4 in TLS

Proceedings of the 22nd USENIX Security Symposium

Volumn , Issue , 2013, Pages 305-320

  AlFardan, Nadhem J ^a   Bernstein, Daniel J ^b,c   Paterson, Kenneth G ^a   Poettering, Bertram ^a   Schuldt, Jacob C N ^a  

^a UNIVERSITY OF LONDON   (United Kingdom)

^b UNIVERSITY OF ILLINOIS AT CHICAGO   (United States)

^c EINDHOVEN UNIVERSITY OF TECHNOLOGY   (Netherlands)

Author keywords

[No Author keywords available]

Indexed keywords

CRYPTOGRAPHY; INTERNET PROTOCOLS; SEEBECK EFFECT;

CIPHERTEXTS; EXPERIMENTAL EVALUATION; MOBILE APPLICATIONS; PLAINTEXT RECOVERY ATTACKS; STREAM CIPHERS; SYMMETRIC ENCRYPTION; TRANSPORT LAYER SECURITY PROTOCOLS; UNTRUSTED NETWORK;

NETWORK SECURITY;

EID: 85019748703     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (26)

1. Wireless LAN medium access control (MAC) and physical layer (PHY) specification, 1997.
2. Wireless LAN medium access control (MAC) and physical layer (PHY) specification: Amendment 6: Medium access control (MAC) security enhancements, 2004.
3. ALFARDAN, N., and PATERSON, K. G. Lucky 13: Breaking the TLS and DTLS record protocols. In IEEE Symposium on Security and Privacy (2013).
4. ALFARDAN, N. J., and BERNSTEIN., D. J., PATERSON, K. G., PO-ETTERING, B., and SCHULDT, J. C. N. On the security of RC4 in TLS and WPA. Information Security Group at Royal Holloway, University of London, 2013. http://www.isg.rhul.ac.uk/tls/RC4biases.pdf.
5. AMMAN, B. Personal communication, February 2013.
6. CANVEL, B., HILTGEN, A., VAUDENAY, S., and VUAGNOUX, M. Password interception in a SSL/TLS channel. Advances in Cryptology-CRYPTO 2003 (2003), 583-599.
7. DIERKS, T., and ALLEN, C. The TLS Protocol Version 1.0. RFC 2246, Internet Engineering Task Force, Jan. 1999.
8. DIERKS, T., and RESCORLA, E. The Transport Layer Security (TLS) Protocol Version 1.1. RFC 4346, Internet Engineering Task Force, Apr. 2006.
9. DIERKS, T., and RESCORLA, E. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246, Internet Engineering Task Force, Aug. 2008.
10. DUONG, T., and RIZZO, J. Here come the Ninjas. Unpublished manuscript, 2011.
11. FLUHRER, S. R., MANTIN, I., and SHAMIR, A. Weaknesses in the key scheduling algorithm of RC4. In Selected Areas in Cryptography (2001), S. Vaudenay and A. M. Youssef, Eds., Vol. 2259 of Lecture Notes in Computer Science, Springer, pp. 1-24.
12. FLUHRER, S. R., and MCGREW, D. Statistical analysis of the alleged RC4 keystream generator. In FSE (2000), B. Schneier, Ed., Vol. 1978 of Lecture Notes in Computer Science, Springer, pp. 19-30.
13. ISOBE, T., OHIGASHI, T., WATANABE, Y., and MORII, M. Full plaintext recovery attack on broadcast RC4. In Preproceedings of FSE (2013).
14. JAGANATHAN, K., ZHU, L., and BREZAK, J. The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows. RFC 4757 (Informational), Dec. 2006.
15. MAITRA, S., PAUL, G., and SENGUPTA, S. Attack on broadcast RC4 revisited. In FSE (2011), A. Joux, Ed., Vol. 6733 of Lecture Notes in Computer Science, Springer, pp. 199-217.
16. MANTIN, I. Predicting and distinguishing attacks on rc4 keystream generator. In EUROCRYPT (2005), R. Cramer, Ed., Vol. 3494 of Lecture Notes in Computer Science, Springer, pp. 491-506.
17. MANTIN, I., and SHAMIR, A. A practical attack on broadcast RC4. In FSE (2001), M. Matsui, Ed., Vol. 2355 of Lecture Notes in Computer Science, Springer, pp. 152-164.
18. MCGREW, D., and BAILEY, D. AES-CCM Cipher Suites for Transport Layer Security (TLS). RFC 6655 (Proposed Standard), 2012.
19. MIRONOV, I. (Not so) random shuffles of RC4. In CRYPTO (2002), M. Yung, Ed., Vol. 2442 of Lecture Notes in Computer Science, Springer, pp. 304-319.
20. PHP DOCUMENTATION GROUP. PHP manual, Feb 2013. http://www.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character.
21. SALOWEY, J., CHOUDHURY, A., and MCGREW, D. AES Galois Counter Mode (GCM) Cipher Suites for TLS. RFC 5288 (Proposed Standard), Aug. 2008.
22. SEN GUPTA, S., MAITRA, S., PAUL, G., and SARKAR, S. Proof of empirical RC4 biases and new key correlations. In Selected Areas in Cryptography (2011), pp. 151-168.
23. SEN GUPTA, S., MAITRA, S., PAUL, G., and SARKAR, S. (Non-) random sequences from (non-) random permutations - analysis of RC4 stream cipher. Journal of Cryptology to appear (2013).
24. SEPEHRDAD, P., VAUDENAY, S., and VUAGNOUX, M. Discovery and exploitation of new biases in RC4. In Selected Areas in Cryptography (2010), A. Biryukov, G. Gong, and D. R. Stinson, Eds., Vol. 6544 of Lecture Notes in Computer Science, Springer, pp. 74-91.
25. SEPEHRDAD, P., VAUDENAY, S., and VUAGNOUX, M. Statistical attack on RC4 - distinguishing WPA. In EUROCRYPT (2011), K. G. Paterson, Ed., Vol. 6632 of Lecture Notes in Computer Science, Springer, pp. 343-363.
26. VAUDENAY, S., and VUAGNOUX, M. Passive-only key recovery attacks on RC4. In Selected Areas in Cryptography (2007), C. M. Adams, A. Miri, and M. J. Wiener, Eds., Vol. 4876 of Lecture Notes in Computer Science, Springer, pp. 344-359.