#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2011
    Posts
    1
    Rep Power
    0

    Understanding Klein's attack on RC4


    Code:
     Suppose w key streams were generated by RC4 using 
    packet keys with a fixed root key and different initialization 
    vectors. Denote by K_u = (K_u[0], ..., K_u[m]) = (IV_u||Rk) the 
    u-th packet key and by X_u = (X_u[0],...,X_u[m-1]) the first m 
    bytes of the uth key stream, where 1 <= u <= w. Assume that an 
    attacker knows the pairs (IV_u, X_u) - we shall refer to them as 
    samples - and tries to find Rk.

    I've been reading this paragraph over and over, and I just don't get it. I think w is the amount of key streams, K is the key, K_u specifies which key stream it's a part of... but what is X?
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2003
    Location
    Central New Jersey
    Posts
    207
    Rep Power
    21
    Here's my interpretation.

    w key streams

    X is the first m bytes of the uth key stream.

    key streams:

    initialization vector 1 + plain text 1 + root key ==> (K_u[0], ..., K_u[m])

    (K_u[0], ..., K_u[m]) == (X_u[0],...,X_u[m-1]) + [remaining bytes of uth key stream]


    initialization vector 2 + plain text 2 + root key ==> (K_u[0], ..., K_u[m])
    initialization vector 3 + plain text 3 + root key ==> (K_u[0], ..., K_u[m])
    ....
    initialization vector w + plain text w + root key ==> (K_u[0], ..., K_u[m])

IMN logo majestic logo threadwatch logo seochat tools logo