Attacks only get better: Password recovery attacks against RC4 in TLS

Proceedings of the 24th USENIX Security Symposium

Volumn , Issue , 2015, Pages 113-128

  Garman, Christina ^a   Paterson, Kenneth G ^b   Van Der Merwe, Thyla ^b  

^a JOHNS HOPKINS UNIVERSITY   (United States)

^b UNIVERSITY OF LONDON   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

BAYESIAN NETWORKS; CRYPTOGRAPHY; HTTP; INFERENCE ENGINES; RECOVERY; SEEBECK EFFECT;

APPLICATION LAYER PROTOCOLS; BAYESIAN INFERENCE; EXTENSIVE SIMULATIONS; PASSWORD RECOVERIES; PRIORI INFORMATION; PROOF OF CONCEPT; RC4 ALGORITHM; USER AUTHENTICATION;

AUTHENTICATION;

EID: 85076270691     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (22)

1. ADAMS, A., AND SASSE, M. A. Users are not the enemy. Com-mun. ACM 42, 12 (Dec. 1999), 40–46.
2. ALFARDAN, N. J., BERNSTEIN, D. J., PATERSON, K. G., POETTERING, B., AND SCHULDT, J. C. N. On the Security of RC4 in TLS. In Proceedings of the 22nd USENIX Conference on Security (Berkeley, CA, USA, 2013), SEC’13, USENIX Association, pp. 305–320.
3. BERNERS-LEE, T., FIELDING, R., AND FRYSTYK, H. The Hypertext Transfer Protocol HTTP/1.0. RFC 1945 (Informational), May 1996.
4. BONNEAU, J. The science of guessing: Analyzing an anonymized corpus of 70 million passwords. In IEEE Symposium on Security and Privacy, SP 2012, 21-23 May 2012, San Francisco, California, USA (2012), IEEE Computer Society, pp. 538–552.
5. BONNEAU, J., AND PREIBUSCH, S. The password thicket: Technical and market failures in human authentication on the web. In 9th Annual Workshop on the Economics of Information Security, WEIS 2010, Harvard University, Cambridge, MA, USA, June 7 - 8 (2010).
6. DIERKS, T., AND ALLEN, C. The TLS Protocol Version 1.0. RFC 2246, Internet Engineering Task Force, Jan. 1999.
7. DIERKS, T., AND RESCORLA, E. The Transport Layer Security (TLS) Protocol Version 1.1. RFC 4346, Internet Engineering Task Force, Apr. 2006.
8. DIERKS, T., AND RESCORLA, E. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246, Internet Engineering Task Force, Aug. 2008.
9. FLORENCIO, D., AND HERLEY, C. A Large-scale Study of Web Password Habits. In Proceedings of the 16th International Conference on World Wide Web (New York, NY, USA, 2007), WWW’07, ACM, pp. 657–666.
10. FLUHRER, S. R., AND MCGREW, D. Statistical analysis of the alleged RC4 keystream generator. In FSE (2000), B. Schneier, Ed., vol. 1978 of Lecture Notes in Computer Science, Springer, pp. 19–30.
11. FRANKS, J., HALLAM-BAKER, P., HOSTETLER, J., LAWRENCE, S., LEACH, P., LUOTONEN, A., AND STEWART, L. HTTP Authentication: Basic and Digest Access authentication. RFC 2617 (Informational), June 1999.
12. GARMAN, C., PATERSON, K. G., AND VAN DER MERWE, T. Attacks only get better: Password recovery attacks against RC4 in TLS. Full version of this paper. Available from http://www.isg.rhul.ac.uk/tls/RC4mustdie.html.
13. ISOBE, T., OHIGASHI, T., WATANABE, Y., AND MORII, M. Full plaintext recovery attack on broadcast RC4. In Preproceedings of FSE (2013).
14. MANTIN, I. Predicting and distinguishing attacks on RC4 keystream generator. In EUROCRYPT (2005), R. Cramer, Ed., vol. 3494 of Lecture Notes in Computer Science, Springer, pp. 491–506.
15. MANTIN, I., AND SHAMIR, A. A practical attack on broadcast RC4. In FSE (2001), M. Matsui, Ed., vol. 2355 of Lecture Notes in Computer Science, Springer, pp. 152–164.
16. OHIGASHI, T., ISOBE, T., WATANABE, Y., AND MORII, M. How to recover any byte of plaintext on RC4. In Selected Areas in Cryptography - SAC 2013 - 20th International Conference, Burnaby, BC, Canada, August 14-16, 2013, Revised Selected Papers (2013), T. Lange, K. E. Lauter, and P. Lisonek, Eds., vol. 8282 of Lecture Notes in Computer Science, Springer, pp. 155–173.
17. SALOWEY, J., ZHOU, H., ERONEN, P., AND TSCHOFENIG, H. Transport Layer Security (TLS) Session Resumption without Server-Side State. RFC 5077 (Proposed Standard), Jan. 2008.
18. SARKAR, S., SEN GUPTA, S., PAUL, G., AND MAITRA, S. Proving TLS-attack related open biases of RC4. IACR Cryptology ePrint Archive 2013 (2013), 502.
19. SEN GUPTA, S., MAITRA, S., PAUL, G., AND SARKAR, S. (Non-) random sequences from (non-) random permutations – analysis of RC4 stream cipher. Journal of Cryptology 27, 1 (2012), 67–108.
20. WEIR, M., AGGARWAL, S., COLLINS, M. P., AND STERN, H. Testing metrics for password creation policies by attacking large sets of revealed passwords. In Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4-8, 2010 (2010), E. Al-Shaer, A. D. Keromytis, and V. Shmatikov, Eds., ACM, pp. 162–175.
21. YAN, J., BLACKWELL, A., ANDERSON, R., AND GRANT, A. Password Memorability and Security: Empirical Results. IEEE Security and Privacy 2, 5 (Sept. 2004), 25–31.
22. ZVIRAN, M., AND HAGA, W. J. Password Security: An Empirical Study. J. Manage. Inf. Syst. 15, 4 (Mar. 1999), 161–185.