WEP (continued) • RC4 issues – RC4 uses a pseudo random number generator (PRNG) to create the keystream • PRNG does not create a true random number – First 256 bytes of the RC4 cipher can be determined • By bytes in the key itself – RC4 source code (or a derivation) has been revealed • Attackers can see how the keystream itself is generated • WEP attack tools – AirSnort, Aircrack, ChopChop WEP Cracker, and WEP Crack CWSP Guide to Wireless Security 36
View full slide show




Summary RSA’s RC4 is used in many security protocols including WEP and SSL WEP is inherently weak but the weakness is not due to RC4 encryption TKIP and other similar key rotation schemes correct the problem with WEP while retaining RC4 stream cipher RC5 is the most well-known block cipher RC5 is a parameterized algorithm with a variable block size, variable key size and a variable number of rounds This work is supported by the National Science Foundation under Grant Number DUE0302909. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect those of the National Science Foundation.
View full slide show




RC4 Security  claimed secure against known attacks  There are some attacks, none practical  result is very non-linear  since RC4 is a stream cipher, must never reuse a key  There are concerns with WEP, but due to key handling rather than RC4 itself
View full slide show




Information Visualization: Mantra • • • • • • • • • • Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand Overview, zoom & filter, details-on-demand (The Eyes Have It, IEEE VL, 1996)
View full slide show




RC4 Developed by Ron Rivest of RSA Security Variable length stream cipher Used in WEP, TKIP, MPPE, SSL, TLS and many other security protocols Fast and efficient The RC4 algorithm is capable of key lengths of up to 256 bits, and is typically implemented in 64 bits, 128 bits, and 256 Considered moderately secure This work is supported by the National Science Foundation under Grant Number DUE0302909. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect those of the National Science Foundation.
View full slide show




Weak Key Attacks WEP construct a per-packet RC4 key by concatenating an RC4 base key and 24 bits IV TKIP uses key-mixing to derive short–lived encryption keys TKIP uses 128 bit temporal key combined with the client’s MAC address and large 48 bit IVs to produce the key for encryption This work is supported by the National Science Foundation under Grant Number DUE0302909. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect those of the National Science Foundation.
View full slide show




SSL Record Protocol Services  message integrity   using a MAC with shared secret key similar to HMAC but with different padding  confidentiality    using symmetric encryption with a shared secret key defined by Handshake Protocol AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 message is compressed before encryption
View full slide show




Wired Equivalent Privacy – WEP  RC4 stream cipher  Designed by Ron Rivest for RSA Security  Very simple   Initialization Vector (IV) Shared Key  The issue is in the way RC4 is used  IV (24 bits) reuse and fixed key  Early versions used 40-bit key  128-bit mode effectively uses 104 bits Cryptography and Network Security 579
View full slide show




RC4 Stream Cipher • RC4 is a popular stream cipher – Extensively analyzed and considered good – Key can be from 1 to 256 bytes – Used in WEP for 802.11 – Can be used in SSL 13
View full slide show




WEP vs WPA vs WPA2 WEP WPA WPA2 RC4 RC4 AES NONE Dynamic Session Keys Dynamic Session Keys KEY DISTRIBUTION Manually typed into each device Automatic distribution available Automatic distribution available AUTHENTICATION Uses WEP key as Can use 802.1x Can use 802.1x Authentication & EAP & EAP ENCRYPTION KEY ROTATION 31
View full slide show




RC4 Stream Cipher  RC4 is a popular stream cipher  Extensively analyzed and considered good  Key can be from 1 to 256 bytes  Used in WEP for 802.11  Can be used in SSL 15
View full slide show