Presentation 2013-06-20
Vulnerability of RC4 in SSL/TLS
Yuhei WATANABE, Takanori ISOBE, Toshihiro OHIGASHI, Masakatu MORII,
Abstract(in Japanese) (See Japanese page)
Abstract(in English) In FSE2013, we showed that the first 257 bytes and 1000T bytes of the plaintext could be easily recovered with high probability, from only 2^32 and 2^34 ciphertexts, respectively, in a broadcast setting where content is encrypted with different user keys. This paper evaluates the security of RC4 in a multi-session setting where the plaintext is recovered from only ciphertexts in multiple SSL/TLS sessions including the same confidential data, and shows a vulnerability of RC4 in SSL/TLS. In particular, we evaluate our FSE2013 attack under the assumption that plaintext bytes are restricted, such as to ASCII code or PIN code, assuming actual communication. This actual setting enables us to significantly reduce the number of required sessions for successful attacks compared to the case of all candidates. In particular, in the case of PIN code, given only 2^23 sessions, we can extract almost all plaintext bytes of the first 257 bytes of the plaintext except the first 36 bytes, which are constructed from a hash value, with significantly high probability.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) SSL/TLS / multi-session setting / RC4 / broadcast setting / plaintext recovery attack
Paper # IA2013-4,ICSS2013-4
Date of Issue

Conference Information
Committee IA
Conference Date 2013/6/13 (1 day)
Place (in Japanese) (See Japanese page)
Place (in English)
Topics (in Japanese) (See Japanese page)
Topics (in English)
Chair
Vice Chair
Secretary
Assistant

Paper Information
Registration To Internet Architecture(IA)
Language ENG
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) Vulnerability of RC4 in SSL/TLS
Sub Title (in English)
Keyword(1) SSL/TLS
Keyword(2) multi-session setting
Keyword(3) RC4
Keyword(4) broadcast setting
Keyword(5) plaintext recovery attack
1st Author's Name Yuhei WATANABE
1st Author's Affiliation Graduate School of Engineering, Kobe University
2nd Author's Name Takanori ISOBE
2nd Author's Affiliation Graduate School of Engineering, Kobe University
3rd Author's Name Toshihiro OHIGASHI
3rd Author's Affiliation Information Media Center, Hiroshima University
4th Author's Name Masakatu MORII
4th Author's Affiliation Graduate School of Engineering, Kobe University
Date 2013-06-20
Paper # IA2013-4,ICSS2013-4
Volume (vol) vol.113
Number (no) 94
Page pp.-
#Pages 6
Date of Issue