Thread: Practical attack on RC4 encryption

  1. #1
    ::[ Reverse Engineer ]:: OHPen's Avatar
    Join Date
    Nov 2002
    Location
    .text
    Posts
    399
    Blog Entries
    5

    Practical attack on RC4 encryption

    Hi,

    These days I'm facing a crypto problem with RC4 encryption.

    I know that there is a function which constructs the RC4 key, which is used to initialize the state. The key is 20 bytes large and constructed by a function which receives two parameters. One parameter is 20 bytes large and known to me, the other parameter is 32 bytes long and not known to me. The algorithm inside the key construction function is proprietary and also unknown. After the key construction "merges" the two parameters somehow, the final key is returned and can be used for enc/dec operations.

    I own parts of the original plain text, let's say about 4 - 16 bytes of a message which can be up to 256 bytes long. The bytes which are known are at the beginning of the message.


    I'm anything but a crypto guru, so I have two questions for the gurus:

    1. As I know parts of the seeds which are used to construct the key, is it (not only virtually) possible to brute-force the original key by use of the supplied information within a reasonable amount of time?

    2. If not, is there any other approach which might work to recover the original key from the supplied information?


    I read a few papers regarding attacks on RC4, but I have to admit that most of them are quite loaded with lots of math. So if you have an explanation for me which is also intended for a non-math guru, it would be great!!!


    Thanks in advance!



    Regards,
    OHPen.
    - Reverse Engineering can be everything, but sometimes it's more than nothing. Really rare moments but then they appear to last ages... -

  2. #2
    Ok, so I found a solution to my problem. I was able to identify the nature of the first parameter, which was unknown to me. Knowing what type of information is supplied + some side information, I was able to reduce the key space, and a brute force attack can be executed within a reasonable amount of time.

    So no more crypto analysis needed.

    Nevertheless if we have some RC4 expert here, feel free to answer anyway, I really would appreciate it!

    Regards,
    OHPen
    - Reverse Engineering can be everything, but sometimes it's more than nothing. Really rare moments but then they appear to last ages... -
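
The outcome described in post #2, as an added example that is not part of the original posts: when the secret input to the key derivation is structured, the 20-byte RC4 key is only as strong as that input, and a known plaintext prefix is enough to confirm the right candidate. Assumptions: `derive_key` (SHA-1 over both parameters) stands in for the unknown proprietary merge, `pin_candidates` models a hypothetical 32-byte field holding a 4-digit number, and all sample data is constructed.

```python
import hashlib

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key schedule (KSA), then n bytes of keystream (PRGA)."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def derive_key(known: bytes, secret: bytes) -> bytes:
    """ASSUMPTION: stand-in for the unknown proprietary merge; SHA-1 yields 20 bytes."""
    return hashlib.sha1(known + secret).digest()

def encrypt(known: bytes, secret: bytes, plaintext: bytes) -> bytes:
    ks = rc4_keystream(derive_key(known, secret), len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))

def pin_candidates():
    """ASSUMPTION: the 32-byte field holds a 4-digit ASCII number, zero-padded."""
    for n in range(10_000):
        yield f"{n:04d}".encode().ljust(32, b"\x00")

def matching_secrets(known: bytes, ciphertext: bytes, prefix: bytes) -> list:
    """Candidates whose keystream equals ciphertext XOR the known plaintext prefix."""
    target = bytes(c ^ p for c, p in zip(ciphertext, prefix))
    return [s for s in pin_candidates()
            if rc4_keystream(derive_key(known, s), len(target)) == target]

# Constructed sample data (not from the thread).
KNOWN = bytes(range(20))
SECRET = b"4711".ljust(32, b"\x00")
MESSAGE = b"HDR1\x00\x01\x02\x03 rest of a constructed message body"
CIPHERTEXT = encrypt(KNOWN, SECRET, MESSAGE)

if __name__ == "__main__":
    # 8 known bytes: a wrong candidate matches by accident with probability 2^-64.
    print(matching_secrets(KNOWN, CIPHERTEXT, MESSAGE[:8]))
    # 1 known byte cannot discriminate: about 1 in 256 wrong candidates also match.
    print(len(matching_secrets(KNOWN, CIPHERTEXT, MESSAGE[:1])))
```

The mitigation follows directly: the secret input needs real entropy (a random 32-byte value, not a structured field), and the derivation should be a deliberately slow KDF so that each candidate costs far more than one hash and one RC4 key schedule.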
