Dependence in IV-Related Bytes of RC4 Key Enhances Vulnerabilities in WPA View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2015-04-19

AUTHORS

Sourav Sen Gupta , Subhamoy Maitra , Willi Meier , Goutam Paul , Santanu Sarkar

ABSTRACT

The first three bytes of the RC4 key in WPA are public as they are derived from the public parameter IV, and this derivation leads to a strong mutual dependence between the first two bytes of the RC4 key. In this paper, we provide a disciplined study of RC4 biases resulting specifically in such a scenario. Motivated by the work of AlFardan et al. (2013), we first prove the interesting sawtooth distribution of the first byte in WPA and the similar nature for the biases in the initial keystream bytes towards zero. As we note, this sawtooth characteristics of these biases surface due to the dependence of the first two bytes of the RC4 key in WPA, both derived from the same byte of the IV. Our result on the nature of the first keystream byte provides a significantly improved distinguisher for RC4 used in WPA than what had been presented by Sepehrdad et al. (2011–2012). Further, we revisit the correlation of initial keystream bytes in WPA to the first three bytes of the RC4 key. As these bytes are known from the IV, one can obtain new as well as significantly improved biases in WPA than the absolute biases exploited earlier by AlFardan et al. or Isobe et al. We notice that the correlations of the keystream bytes with publicly known IV values of WPA potentially strengthen the practical plaintext recovery attack on the protocol. More... »

PAGES

350-369

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-662-46706-0_18

DOI

http://dx.doi.org/10.1007/978-3-662-46706-0_18

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1039753088


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/03", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Chemical Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0303", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Macromolecular and Materials Chemistry", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Indian Statistical Institute, Kolkata, India", 
          "id": "http://www.grid.ac/institutes/grid.39953.35", 
          "name": [
            "Indian Statistical Institute, Kolkata, India"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Sen Gupta", 
        "givenName": "Sourav", 
        "id": "sg:person.016475554017.51", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016475554017.51"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Indian Statistical Institute, Kolkata, India", 
          "id": "http://www.grid.ac/institutes/grid.39953.35", 
          "name": [
            "Indian Statistical Institute, Kolkata, India"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Maitra", 
        "givenName": "Subhamoy", 
        "id": "sg:person.013667777721.90", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013667777721.90"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "FHNW, Windisch, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.410380.e", 
          "name": [
            "FHNW, Windisch, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Meier", 
        "givenName": "Willi", 
        "id": "sg:person.07653531142.18", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Indian Statistical Institute, Kolkata, India", 
          "id": "http://www.grid.ac/institutes/grid.39953.35", 
          "name": [
            "Indian Statistical Institute, Kolkata, India"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Paul", 
        "givenName": "Goutam", 
        "id": "sg:person.012131006407.38", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012131006407.38"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Chennai Mathematical Institute, Chennai, India", 
          "id": "http://www.grid.ac/institutes/grid.444722.3", 
          "name": [
            "Chennai Mathematical Institute, Chennai, India"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Sarkar", 
        "givenName": "Santanu", 
        "id": "sg:person.013316030122.96", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013316030122.96"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2015-04-19", 
    "datePublishedReg": "2015-04-19", 
    "description": "The first three bytes of the RC4 key in WPA are public as they are derived from the public parameter IV, and this derivation leads to a strong mutual dependence between the first two bytes of the RC4 key. In this paper, we provide a disciplined study of RC4 biases resulting specifically in such a scenario. Motivated by the work of AlFardan et al. (2013), we first prove the interesting sawtooth distribution of the first byte in WPA and the similar nature for the biases in the initial keystream bytes towards zero. As we note, this sawtooth characteristics of these biases surface due to the dependence of the first two bytes of the RC4 key in WPA, both derived from the same byte of the IV. Our result on the nature of the first keystream byte provides a significantly improved distinguisher for RC4 used in WPA than what had been presented by Sepehrdad et al. (2011\u20132012). Further, we revisit the correlation of initial keystream bytes in WPA to the first three bytes of the RC4 key. As these bytes are known from the IV, one can obtain new as well as significantly improved biases in WPA than the absolute biases exploited earlier by AlFardan et al. or Isobe et al. We notice that the correlations of the keystream bytes with publicly known IV values of WPA potentially strengthen the practical plaintext recovery attack on the protocol.", 
    "editor": [
      {
        "familyName": "Cid", 
        "givenName": "Carlos", 
        "type": "Person"
      }, 
      {
        "familyName": "Rechberger", 
        "givenName": "Christian", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-662-46706-0_18", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-662-46705-3", 
        "978-3-662-46706-0"
      ], 
      "name": "Fast Software Encryption", 
      "type": "Book"
    }, 
    "keywords": [
      "RC4 key", 
      "plaintext recovery attack", 
      "bytes", 
      "first byte", 
      "recovery attack", 
      "WPA", 
      "key", 
      "strong mutual dependence", 
      "keystream bytes", 
      "RC4", 
      "Isobe et al", 
      "scenarios", 
      "distinguisher", 
      "attacks", 
      "et al", 
      "protocol", 
      "mutual dependence", 
      "work", 
      "al", 
      "similar nature", 
      "vulnerability", 
      "derivation", 
      "dependence", 
      "nature", 
      "biases", 
      "characteristics", 
      "results", 
      "distribution", 
      "correlation", 
      "absolute biases", 
      "values", 
      "study", 
      "paper", 
      "sawtooth characteristics", 
      "public parameter IV", 
      "parameter IV", 
      "RC4 biases", 
      "AlFardan et al", 
      "interesting sawtooth distribution", 
      "sawtooth distribution", 
      "initial keystream bytes", 
      "same byte", 
      "first keystream byte", 
      "Sepehrdad et al", 
      "values of WPA", 
      "practical plaintext recovery attack"
    ], 
    "name": "Dependence in IV-Related Bytes of RC4 Key Enhances Vulnerabilities in WPA", 
    "pagination": "350-369", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1039753088"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-662-46706-0_18"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-662-46706-0_18", 
      "https://app.dimensions.ai/details/publication/pub.1039753088"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-01-01T19:25", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220101/entities/gbq_results/chapter/chapter_5.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-662-46706-0_18"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-46706-0_18'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-46706-0_18'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-46706-0_18'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-46706-0_18'


 

This table displays all metadata directly associated to this object as RDF triples.

145 TRIPLES      23 PREDICATES      71 URIs      64 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-662-46706-0_18 schema:about anzsrc-for:03
2 anzsrc-for:0303
3 schema:author N093b9d5ecdab48a295003ed3033381d0
4 schema:datePublished 2015-04-19
5 schema:datePublishedReg 2015-04-19
6 schema:description The first three bytes of the RC4 key in WPA are public as they are derived from the public parameter IV, and this derivation leads to a strong mutual dependence between the first two bytes of the RC4 key. In this paper, we provide a disciplined study of RC4 biases resulting specifically in such a scenario. Motivated by the work of AlFardan et al. (2013), we first prove the interesting sawtooth distribution of the first byte in WPA and the similar nature for the biases in the initial keystream bytes towards zero. As we note, this sawtooth characteristics of these biases surface due to the dependence of the first two bytes of the RC4 key in WPA, both derived from the same byte of the IV. Our result on the nature of the first keystream byte provides a significantly improved distinguisher for RC4 used in WPA than what had been presented by Sepehrdad et al. (2011–2012). Further, we revisit the correlation of initial keystream bytes in WPA to the first three bytes of the RC4 key. As these bytes are known from the IV, one can obtain new as well as significantly improved biases in WPA than the absolute biases exploited earlier by AlFardan et al. or Isobe et al. We notice that the correlations of the keystream bytes with publicly known IV values of WPA potentially strengthen the practical plaintext recovery attack on the protocol.
7 schema:editor N0a0031f5ff8e4388831970d6081f4b98
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree false
11 schema:isPartOf N3a1e06cf1f994d9d9b5be606ef8d25f8
12 schema:keywords AlFardan et al
13 Isobe et al
14 RC4
15 RC4 biases
16 RC4 key
17 Sepehrdad et al
18 WPA
19 absolute biases
20 al
21 attacks
22 biases
23 bytes
24 characteristics
25 correlation
26 dependence
27 derivation
28 distinguisher
29 distribution
30 et al
31 first byte
32 first keystream byte
33 initial keystream bytes
34 interesting sawtooth distribution
35 key
36 keystream bytes
37 mutual dependence
38 nature
39 paper
40 parameter IV
41 plaintext recovery attack
42 practical plaintext recovery attack
43 protocol
44 public parameter IV
45 recovery attack
46 results
47 same byte
48 sawtooth characteristics
49 sawtooth distribution
50 scenarios
51 similar nature
52 strong mutual dependence
53 study
54 values
55 values of WPA
56 vulnerability
57 work
58 schema:name Dependence in IV-Related Bytes of RC4 Key Enhances Vulnerabilities in WPA
59 schema:pagination 350-369
60 schema:productId N43f97fb327a24cd4903ddb21991935c6
61 N4ccadda421134b7d80a581289364c14b
62 schema:publisher N00e10ba19e8448be8564cc996961f76a
63 schema:sameAs https://app.dimensions.ai/details/publication/pub.1039753088
64 https://doi.org/10.1007/978-3-662-46706-0_18
65 schema:sdDatePublished 2022-01-01T19:25
66 schema:sdLicense https://scigraph.springernature.com/explorer/license/
67 schema:sdPublisher N3fdf6addd789438aa25707af052f42a4
68 schema:url https://doi.org/10.1007/978-3-662-46706-0_18
69 sgo:license sg:explorer/license/
70 sgo:sdDataset chapters
71 rdf:type schema:Chapter
72 N00e10ba19e8448be8564cc996961f76a schema:name Springer Nature
73 rdf:type schema:Organisation
74 N093b9d5ecdab48a295003ed3033381d0 rdf:first sg:person.016475554017.51
75 rdf:rest N94952e5b19bb4cbb87923ed87e826472
76 N0a0031f5ff8e4388831970d6081f4b98 rdf:first N86bcfe65aa3e44c892783be43b82a817
77 rdf:rest N1effe6a608c649008e93c1f39869eba0
78 N0ae78ea8bed14d578d6d0c79994c8eda rdf:first sg:person.012131006407.38
79 rdf:rest N3c19fceaebee4a5a82c3bd1a79a0721d
80 N1effe6a608c649008e93c1f39869eba0 rdf:first N69354146dd4f4e0c914ca713a50bd052
81 rdf:rest rdf:nil
82 N3a1e06cf1f994d9d9b5be606ef8d25f8 schema:isbn 978-3-662-46705-3
83 978-3-662-46706-0
84 schema:name Fast Software Encryption
85 rdf:type schema:Book
86 N3c19fceaebee4a5a82c3bd1a79a0721d rdf:first sg:person.013316030122.96
87 rdf:rest rdf:nil
88 N3fdf6addd789438aa25707af052f42a4 schema:name Springer Nature - SN SciGraph project
89 rdf:type schema:Organization
90 N43f97fb327a24cd4903ddb21991935c6 schema:name doi
91 schema:value 10.1007/978-3-662-46706-0_18
92 rdf:type schema:PropertyValue
93 N4ccadda421134b7d80a581289364c14b schema:name dimensions_id
94 schema:value pub.1039753088
95 rdf:type schema:PropertyValue
96 N69354146dd4f4e0c914ca713a50bd052 schema:familyName Rechberger
97 schema:givenName Christian
98 rdf:type schema:Person
99 N6a5ed7e65f2b4ede81ac8c21dd21d8b9 rdf:first sg:person.07653531142.18
100 rdf:rest N0ae78ea8bed14d578d6d0c79994c8eda
101 N86bcfe65aa3e44c892783be43b82a817 schema:familyName Cid
102 schema:givenName Carlos
103 rdf:type schema:Person
104 N94952e5b19bb4cbb87923ed87e826472 rdf:first sg:person.013667777721.90
105 rdf:rest N6a5ed7e65f2b4ede81ac8c21dd21d8b9
106 anzsrc-for:03 schema:inDefinedTermSet anzsrc-for:
107 schema:name Chemical Sciences
108 rdf:type schema:DefinedTerm
109 anzsrc-for:0303 schema:inDefinedTermSet anzsrc-for:
110 schema:name Macromolecular and Materials Chemistry
111 rdf:type schema:DefinedTerm
112 sg:person.012131006407.38 schema:affiliation grid-institutes:grid.39953.35
113 schema:familyName Paul
114 schema:givenName Goutam
115 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012131006407.38
116 rdf:type schema:Person
117 sg:person.013316030122.96 schema:affiliation grid-institutes:grid.444722.3
118 schema:familyName Sarkar
119 schema:givenName Santanu
120 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013316030122.96
121 rdf:type schema:Person
122 sg:person.013667777721.90 schema:affiliation grid-institutes:grid.39953.35
123 schema:familyName Maitra
124 schema:givenName Subhamoy
125 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013667777721.90
126 rdf:type schema:Person
127 sg:person.016475554017.51 schema:affiliation grid-institutes:grid.39953.35
128 schema:familyName Sen Gupta
129 schema:givenName Sourav
130 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016475554017.51
131 rdf:type schema:Person
132 sg:person.07653531142.18 schema:affiliation grid-institutes:grid.410380.e
133 schema:familyName Meier
134 schema:givenName Willi
135 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18
136 rdf:type schema:Person
137 grid-institutes:grid.39953.35 schema:alternateName Indian Statistical Institute, Kolkata, India
138 schema:name Indian Statistical Institute, Kolkata, India
139 rdf:type schema:Organization
140 grid-institutes:grid.410380.e schema:alternateName FHNW, Windisch, Switzerland
141 schema:name FHNW, Windisch, Switzerland
142 rdf:type schema:Organization
143 grid-institutes:grid.444722.3 schema:alternateName Chennai Mathematical Institute, Chennai, India
144 schema:name Chennai Mathematical Institute, Chennai, India
145 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...