Cargando…
Analysing and exploiting the Mantin biases in RC4
We explore the use of the Mantin biases (Mantin, Eurocrypt 2005) to recover plaintexts from RC4-encrypted traffic. We provide a more fine-grained analysis of these biases than in Mantin’s original work. We show that, in fact, the original analysis was incorrect in certain cases: the Mantin biases ar...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Springer US
2017
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6936655/ https://www.ncbi.nlm.nih.gov/pubmed/31929683 http://dx.doi.org/10.1007/s10623-017-0355-3 |
| _version_ | 1783483747306307584 |
|---|---|
| author | Bricout, Remi Murphy, Sean Paterson, Kenneth G. van der Merwe, Thyla |
| author_facet | Bricout, Remi Murphy, Sean Paterson, Kenneth G. van der Merwe, Thyla |
| author_sort | Bricout, Remi |
| collection | PubMed |
| description | We explore the use of the Mantin biases (Mantin, Eurocrypt 2005) to recover plaintexts from RC4-encrypted traffic. We provide a more fine-grained analysis of these biases than in Mantin’s original work. We show that, in fact, the original analysis was incorrect in certain cases: the Mantin biases are sometimes non-existent, and sometimes stronger than originally predicted. We then show how to use these biases in a plaintext recovery attack. Our attack targets two unknown bytes of plaintext that are located close to sequences of known plaintext bytes, a situation that arises in practice when RC4 is used in, for example, TLS. We provide a statistical framework that enables us to make predictions about the performance of this attack and its variants. We then extend the attack using standard dynamic programming techniques to tackle the problem of recovering longer plaintexts, a setting of practical interest in recovering HTTP session cookies and user passwords that are protected by RC4 in TLS. We perform experiments showing that we can successfully recover 16-byte plaintexts with 80% success rate using [Formula: see text] ciphertexts, an improvement over previous attacks. |
| format | Online Article Text |
| id | pubmed-6936655 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2017 |
| publisher | Springer US |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-69366552020-01-09 Analysing and exploiting the Mantin biases in RC4 Bricout, Remi Murphy, Sean Paterson, Kenneth G. van der Merwe, Thyla Des Codes Cryptogr Article We explore the use of the Mantin biases (Mantin, Eurocrypt 2005) to recover plaintexts from RC4-encrypted traffic. We provide a more fine-grained analysis of these biases than in Mantin’s original work. We show that, in fact, the original analysis was incorrect in certain cases: the Mantin biases are sometimes non-existent, and sometimes stronger than originally predicted. We then show how to use these biases in a plaintext recovery attack. Our attack targets two unknown bytes of plaintext that are located close to sequences of known plaintext bytes, a situation that arises in practice when RC4 is used in, for example, TLS. We provide a statistical framework that enables us to make predictions about the performance of this attack and its variants. We then extend the attack using standard dynamic programming techniques to tackle the problem of recovering longer plaintexts, a setting of practical interest in recovering HTTP session cookies and user passwords that are protected by RC4 in TLS. We perform experiments showing that we can successfully recover 16-byte plaintexts with 80% success rate using [Formula: see text] ciphertexts, an improvement over previous attacks. Springer US 2017-03-28 2018 /pmc/articles/PMC6936655/ /pubmed/31929683 http://dx.doi.org/10.1007/s10623-017-0355-3 Text en © The Author(s) 2017 Open AccessThis article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. |
| spellingShingle | Article Bricout, Remi Murphy, Sean Paterson, Kenneth G. van der Merwe, Thyla Analysing and exploiting the Mantin biases in RC4 |
| title | Analysing and exploiting the Mantin biases in RC4 |
| title_full | Analysing and exploiting the Mantin biases in RC4 |
| title_fullStr | Analysing and exploiting the Mantin biases in RC4 |
| title_full_unstemmed | Analysing and exploiting the Mantin biases in RC4 |
| title_short | Analysing and exploiting the Mantin biases in RC4 |
| title_sort | analysing and exploiting the mantin biases in rc4 |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6936655/ https://www.ncbi.nlm.nih.gov/pubmed/31929683 http://dx.doi.org/10.1007/s10623-017-0355-3 |
| work_keys_str_mv | AT bricoutremi analysingandexploitingthemantinbiasesinrc4 AT murphysean analysingandexploitingthemantinbiasesinrc4 AT patersonkennethg analysingandexploitingthemantinbiasesinrc4 AT vandermerwethyla analysingandexploitingthemantinbiasesinrc4 |