At the USENIX Security Symposium 2015, Vanhoef and Piessens published a number of results regarding weaknesses of the RC4 stream cipher when used in the TLS protocol. The authors unearthed a number of new biases in the keystream bytes that helped to reliably recover the plaintext using a limited number of TLS sessions. Most of these biases were based on the joint distribution of successive/non-successive keystream bytes. Moreover, the biases were reported after experimental observations and no theoretical explanations were proffered. In this paper, we provide detailed proofs of most of these biases, and provide certain generalizations of the results reported in the above paper. We also unearth new biases based on the joint distributions of three consecutive bytes.
Jha, S., Banik, S., Isobe, T., & Ohigashi, T. (2016). Some proofs of joint distributions of keystream biases in RC4. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10095 LNCS, pp. 305–321). Springer Verlag. https://doi.org/10.1007/978-3-319-49890-4_17