The search functionality is under construction.
The search functionality is under construction.

New Iterated RC4 Key Correlations and their Application to Plaintext Recovery on WPA-TKIP

Ryoma ITO, Atsuko MIYAJI

  • Full Text Views

    0

  • Cite this

Summary :

This paper presents new key correlations of the keystream bytes generated from RC4 and their application to plaintext recovery on WPA-TKIP. We first observe new key correlations between two bytes of the RC4 key pairs and a keystream byte in each round, and provide their proofs. We refer to these correlations as iterated RC4 key correlations since two bytes of the RC4 key pairs are iterated every 16 rounds. We then extend the existing attacks by Isobe et al. at FSE 2013 and AlFardan et al. at USENIX Security 2013, 0and finally propose an efficient attack on WPA-TKIP. We refer to the proposed attack as chosen plaintext recovery attack (CPRA) since it chooses the best approach for each byte from a variety of the existing attacks. In order to recover the first 257 bytes of a plaintext on WPA-TKIP with success probability of at least 90%, CPRA requires approximately 230 ciphertexts, which are approximately half the number of ciphertexts for the existing attack by Paterson et al. at FSE 2014.

Publication
IEICE TRANSACTIONS on Fundamentals Vol.E104-A No.1 pp.190-202
Publication Date
2021/01/01
Publicized
Online ISSN
1745-1337
DOI
10.1587/transfun.2020CIP0006
Type of Manuscript
Special Section PAPER (Special Section on Cryptography and Information Security)
Category

Authors

Ryoma ITO
  National Institute of Information and Communications Technology
Atsuko MIYAJI
  Osaka University,Japan Advanced Institute of Science and Technology,Japan Science and Technology Agency

Keyword