We conduct an analysis of the RC4 algorithm as it is used in the IEEE WPA/TKIP wireless standard. In that standard, RC4 keys are computed on a per-frame basis, with specific key bytes being set to known values that depend on 2 bytes of theWPA frame counter (called the TSC). We observe very large, TSC-dependent biases in the RC4 keystream when the algorithm is keyed according to the WPA specification. These biases permit us to mount an effective statistical, plaintextrecovering attack in the situation where the same plaintext is encrypted in many different frames (the so-called “broadcast attack” setting). We assess the practical impact of these attacks on WPA/TKIP.
CITATION STYLE
Paterson, K. G., Poettering, B., & Schuldt, J. C. N. (2015). Plaintext recovery attacks against WPA/TKIP. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8540, pp. 325–349). Springer Verlag. https://doi.org/10.1007/978-3-662-46706-0_17
Mendeley helps you to discover research relevant for your work.