Results 1 - 4 of 4

Distinguishing WPA

by Sourav Sen Gupta, Subhamoy Maitra, Willi Meier
"... Abstract. We present an efficient algorithm that can distinguish the keystream of WPA from that of a generic instance of RC4 with a packet complexity of O(N 2), where N denotes the size of the internal permutation of RC4. In practice, our distinguisher requires approximately 2 19 packets; thus makin ..."
Abstract - Cited by 1 (0 self) - Add to MetaCart
Abstract. We present an efficient algorithm that can distinguish the keystream of WPA from that of a generic instance of RC4 with a packet complexity of O(N 2), where N denotes the size of the internal permutation of RC4. In practice, our distinguisher requires approximately 2 19 packets; thus

Statistical Attack on RC4 Distinguishing WPA

by Pouyan Sepehrdad, Serge Vaudenay, Martin Vuagnoux
"... Abstract. In this paper we construct several tools for manipulating pools of biases in the analysis of RC4. Then, we show that optimized strategies can break WEP based on 4000 packets by assuming that the first bytes of plaintext are known for each packet. We describe similar attacks for WPA. Firstl ..."
Abstract - Cited by 10 (2 self) - Add to MetaCart
. Firstly, we describe a distinguisher for WPA of complexity 2 43 and advantage 0.5 which uses 2 40 packets. Then, based on several partial temporary key recovery attacks, we recover the full 128-bit temporary key by using 2 38 packets. It works within a complexity of 2 96. So far, this is the best attack

Dependence in IV-related bytes of RC4 key enhances vulnerabilities in WPA?

by Sourav Sen Gupta, Subhamoy Maitra, Willi Meier, Goutam Paul, Santanu Sarkar
"... Abstract. The first three bytes of the RC4 key in WPA are public as they are derived from the public parameter IV, and this derivation leads to a strong mutual dependence between the first two bytes of the RC4 key. In this paper, we provide a disciplined study of RC4 biases result-ing specifically i ..."
Abstract - Add to MetaCart
to the dependence of the first two bytes of the RC4 key in WPA, both derived from the same byte of the IV. Our result on the nature of the first keystream byte provides a significantly improved distinguisher for RC4 used in WPA than what had been pre-sented by Sepehrdad et al. (2011-12). Further, we revisit

Tornado Attack on RC4 with Applications to WEP & WPA

by Pouyan Sepehrdad, Serge Vaudenay, Martin Vuagnoux
"... Abstract. In this paper, we construct several tools for building and manipulating pools of statistical correlations in the analysis of RC4. We develop a theory to analyze these correlations in an optimized manner. We leverage this theory to mount several attacks on IEEE 802.11 wireless communication ..."
Abstract - Add to MetaCart
communication protocols WEP and WPA. Based on several partial temporary key recovery attacks, we recover the full 128-bit temporary key of WPA by using 242 packets. It works with complexity 296. Then, we describe a distinguisher for WPA with complexity 242 and advantage 0.5 which uses 242 packets. Moreover, we
Results 1 - 4 of 4