Discovery and Exploitation of New Biases in RC4
References
Biham, E., Carmeli, Y.: Efficient Reconstruction of RC4 Keys from Internal States. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 270–288. Springer, Heidelberg (2008)
Bittau, A.: Additional Weak IV Classes for the FMS Attack (2003), http://www.cs.ucl.ac.uk/staff/a.bittau/sorwep.txt
Chaabouni, R.: Breaking WEP Faster with Statistical Analysis. Ecole Polytechnique Fédérale de Lausanne, LASEC, Semester Project (2006)
Devine, C., Otreppe, T.: Aircrack, http://www.aircrack-ng.org/
Fluhrer, S.R., Mantin, I., Shamir, A.: Weaknesses in the Key Scheduling Algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)
Fluhrer, S.R., McGrew, D.A.: Statistical Analysis of the Alleged RC4 Keystream Generator. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 19–30. Springer, Heidelberg (2001)
Golic, J.D.: Linear statistical weakness of alleged RC4 keystream generator. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 226–238. Springer, Heidelberg (1997)
Golic, J.D.: Iterative Probabilistic Cryptanalysis of RC4 Keystream Generator. In: Dawson, E., Clark, A., Boyd, C. (eds.) ACISP 2000. LNCS, vol. 1841, pp. 220–233. Springer, Heidelberg (2000)
Hulton, D.: Practical Exploitation of RC4 Weaknesses in WEP Environments (2001), http://www.dachb0den.com/projects/bsd-airtools/wepexp.txt
IEEE. ANSI/IEEE standard 802.11i: Amendment 6 Wireless LAN Medium Access Control (MAC) and Physical Layer (phy) Specifications, Draft 3 (2003)
Jenkins, R.: ISAAC and RC4, http://burtleburtle.net/bob/rand/isaac.html
Klein, A.: Attacks on the RC4 Stream Cipher. Personal Andreas Klein website (2006), http://cage.ugent.be/~klein/RC4/RC4-en.ps
Klein, A.: Attacks on the RC4 Stream Cipher. Des. Codes Cryptography 48(3), 269–286 (2008)
Knudsen, L.R., Meier, W., Preneel, B., Rijmen, V., Verdoolaege, S.: Analysis Methods for (Alleged) RC4. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 327–341. Springer, Heidelberg (1998)
KoreK. Need Security Pointers (2004), http://www.netstumbler.org/showthread.php?postid=89036#post89036
KoreK. Next Generation of WEP Attacks? (2004), http://www.netstumbler.org/showpost.php?p=93942&postcount=35
Maitra, S., Paul, G.: New Form of Permutation Bias and Secret Key Leakage in Keystream Bytes of RC4. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 253–269. Springer, Heidelberg (2008)
Mantin, I.: Analysis of the Stream Cipher RC4, http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html
Mantin, I.: Predicting and Distinguishing Attacks on RC4 Keystream Generator. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 491–506. Springer, Heidelberg (2005)
Mantin, I., Shamir, A.: A Practical Attack on Broadcast RC4. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 152–164. Springer, Heidelberg (2002)
Maximov, A.: Two Linear Distinguishing Attacks on VMPC and RC4A and Weakness of RC4 Family of Stream Ciphers. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 342–358. Springer, Heidelberg (2005)
Maximov, A., Khovratovich, D.: New State Recovery Attack on RC4. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 297–316. Springer, Heidelberg (2008)
Mironov, I.: (Not So) Random Shuffles of RC4. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 304–319. Springer, Heidelberg (2002)
Moen, V., Raddum, H., Hole, K.J.: Weaknesses in the Temporal Key Hash of WPA. Mobile Computing and Communications Review 8(2), 76–83 (2004)
Paul, G., Maitra, S.: Permutation After RC4 Key Scheduling Reveals the Secret Key. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 360–377. Springer, Heidelberg (2007)
Paul, G., Rathi, S., Maitra, S.: On Non-negligible Bias of the First Output Bytes of RC4 towards the First Three Bytes of the Secret Key. In: WCC 2007 - International Workshop on Coding and Cryptography, pp. 285–294 (2007)
Paul, S., Preneel, B.: A New Weakness in the RC4 Keystream Generator and an Approach to Improve the Security of the Cipher. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 245–259. Springer, Heidelberg (2004)
Roos, A.: A Class of Weak Keys in RC4 Stream Cipher (sci.crypt) (1995), http://groups.google.com/group/sci.crypt.research/msg/078aa9249d76eacc?dmode=source
Tews, E., Beck, M.: Practical attacks against WEP and WPA. In: Basin, D.A., Capkun, S., Lee, W. (eds.) WISEC, pp. 79–86. ACM, New York (2009)
Tews, E., Weinmann, R.-P., Pyshkin, A.: Breaking 104 Bit WEP in Less Than 60 Seconds. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 188–202. Springer, Heidelberg (2008)
Tomasevic, V., Bojanic, S., Nieto-Taladriz, O.: Finding an internal state of RC4 stream cipher. Finding an internal state of RC4 stream cipher 177(7), 1715–1727 (2007)
Vaudenay, S., Vuagnoux, M.: Passive–Only Key Recovery Attacks on RC4. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 344–359. Springer, Heidelberg (2007)
Vuagnoux, M.: Computer Aided Cryptanalysis from Ciphers to Side channels. PhD thesis, Ecole Polytechnique Fédérale de Lausanne — EPFL (2010)
Wagner, D.: Weak Keys in RC4 (sci.crypt) (1995), http://www.cs.berkeley.edu/~daw/my-posts/my-rc4-weak-keys