Paper Abstract and Keywords |
Presentation |
2014-03-27 13:30
An Active Attack on RC4 in SSL/TLS Toshihiro Ohigashi (Hiroshima Univ.), Takanori Isobe (Sony), Yuhei Watanabe (Kobe Univ.), Ryo Nojima (NICT), Masakatu Morii (Kobe Univ.) ICSS2013-63 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
In 2013, Isobe et al. and AlFardan et al. proposed practical plaintext recovery attacks on RC4 in SSL/TLS in the broadcast setting, independently. Their attacks have a property, in which the probability for recovering a plaintext byte is dependent on the position of the byte. In this paper, we give an active attack, which is a method to slide the position of a target plaintext byte into later byte of the plaintext. Our attack injects any bytes into the head of the plaintext by using malicious JavaScript. It causes improvement in probability for recovering
a lot of plaintext bytes. For example, although the previous attack can recover the all bytes except the first $41$ bytes of a first $77$ bytes of a plaintext with probability more than $0.5$, the proposed active attack can recover the all bytes except the first $41$ bytes of the first $96$ bytes of a plaintext with probability more than $0.7$, when $2^{26}$ ciphertexts are given. In addition, we compare the active attacks against CBC mode for block ciphers with that of RC4. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
RC4 / broadcast setting / active attack / plaintext recovery attack / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 113, no. 502, ICSS2013-63, pp. 7-12, March 2014. |
Paper # |
ICSS2013-63 |
Date of Issue |
2014-03-20 (ICSS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
ICSS2013-63 |
Conference Information |
Committee |
ICSS IPSJ-SPT |
Conference Date |
2014-03-27 - 2014-03-28 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Meio Univiersity |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Communication Security, Security Psychology & Trust, etc. |
Paper Information |
Registration To |
ICSS |
Conference Code |
2014-03-ICSS-SPT |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
An Active Attack on RC4 in SSL/TLS |
Sub Title (in English) |
|
Keyword(1) |
RC4 |
Keyword(2) |
broadcast setting |
Keyword(3) |
active attack |
Keyword(4) |
plaintext recovery attack |
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Toshihiro Ohigashi |
1st Author's Affiliation |
Hiroshima University (Hiroshima Univ.) |
2nd Author's Name |
Takanori Isobe |
2nd Author's Affiliation |
Sony Corporation (Sony) |
3rd Author's Name |
Yuhei Watanabe |
3rd Author's Affiliation |
Kobe University (Kobe Univ.) |
4th Author's Name |
Ryo Nojima |
4th Author's Affiliation |
National Institute of Information and Communications Technology (NICT) |
5th Author's Name |
Masakatu Morii |
5th Author's Affiliation |
Kobe University (Kobe Univ.) |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2014-03-27 13:30:00 |
Presentation Time |
25 minutes |
Registration for |
ICSS |
Paper # |
ICSS2013-63 |
Volume (vol) |
vol.113 |
Number (no) |
no.502 |
Page |
pp.7-12 |
#Pages |
6 |
Date of Issue |
2014-03-20 (ICSS) |
|