On the security of RC4 in TLS

N.J. AlFardan; D.J. Bernstein; K.G. Paterson; B. Poettering; J.C.N. Schuldt

On the security of RC4 in TLS

N.J. AlFardan, D.J. Bernstein, K.G. Paterson, B. Poettering, J.C.N. Schuldt

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/Congresprocedure › Conferentiebijdrage › Academic › peer review

137 Citaten (Scopus)

151 Downloads (Pure)

Samenvatting

The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data in transit across untrusted networks. TLS has become the de facto protocol standard for secured Internet and mobile applications. TLS supports several symmetric encryption options, including a scheme based on the RC4 stream cipher. In this paper, we present ciphertext-only plain-text recovery attacks against TLS when RC4 is selected for encryption. Our attacks build on recent advances in the statistical analysis of RC4, and on new findings announced in this paper. Our results are supported by an experimental evaluation of the feasibility of the attacks. We also discuss countermeasures.

Originele taal-2	Engels
Titel	22nd USENIX Security Symposium (Washington DC, USA, August 14-16, 2013)
Redacteuren	S. Kling
Plaats van productie	Berkeley
Uitgeverij	Usenix Association
Pagina's	305-320
ISBN van geprinte versie	978-1-931971-03-4
Status	Gepubliceerd - 2013

Toegang tot document

publishers versionDefinitieve gepubliceerde versie, 419 KB

Citeer dit

@inproceedings{85e7c3d6e173471495d00795e93327b7,

title = "On the security of RC4 in TLS",

abstract = "The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data in transit across untrusted networks. TLS has become the de facto protocol standard for secured Internet and mobile applications. TLS supports several symmetric encryption options, including a scheme based on the RC4 stream cipher. In this paper, we present ciphertext-only plain-text recovery attacks against TLS when RC4 is selected for encryption. Our attacks build on recent advances in the statistical analysis of RC4, and on new findings announced in this paper. Our results are supported by an experimental evaluation of the feasibility of the attacks. We also discuss countermeasures.",

author = "N.J. AlFardan and D.J. Bernstein and K.G. Paterson and B. Poettering and J.C.N. Schuldt",

year = "2013",

language = "English",

isbn = "978-1-931971-03-4",

pages = "305--320",

editor = "S. Kling",

booktitle = "22nd USENIX Security Symposium (Washington DC, USA, August 14-16, 2013)",

publisher = "Usenix Association",

}

TY - GEN

T1 - On the security of RC4 in TLS

AU - AlFardan, N.J.

AU - Bernstein, D.J.

AU - Paterson, K.G.

AU - Poettering, B.

AU - Schuldt, J.C.N.

PY - 2013

Y1 - 2013

N2 - The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data in transit across untrusted networks. TLS has become the de facto protocol standard for secured Internet and mobile applications. TLS supports several symmetric encryption options, including a scheme based on the RC4 stream cipher. In this paper, we present ciphertext-only plain-text recovery attacks against TLS when RC4 is selected for encryption. Our attacks build on recent advances in the statistical analysis of RC4, and on new findings announced in this paper. Our results are supported by an experimental evaluation of the feasibility of the attacks. We also discuss countermeasures.

AB - The Transport Layer Security (TLS) protocol aims to provide confidentiality and integrity of data in transit across untrusted networks. TLS has become the de facto protocol standard for secured Internet and mobile applications. TLS supports several symmetric encryption options, including a scheme based on the RC4 stream cipher. In this paper, we present ciphertext-only plain-text recovery attacks against TLS when RC4 is selected for encryption. Our attacks build on recent advances in the statistical analysis of RC4, and on new findings announced in this paper. Our results are supported by an experimental evaluation of the feasibility of the attacks. We also discuss countermeasures.

M3 - Conference contribution

SN - 978-1-931971-03-4

SP - 305

EP - 320

BT - 22nd USENIX Security Symposium (Washington DC, USA, August 14-16, 2013)

A2 - Kling, S.

PB - Usenix Association

CY - Berkeley

ER -

On the security of RC4 in TLS

Samenvatting

Toegang tot document

Vingerafdruk

Citeer dit