Welcome to the new Woodmann RCE Messageboards Regroupment
Please be patient while the rest of the site is restored.

To all Members of the old RCE Forums:
In order to log in, it will be necessary to reset your forum login password ("I forgot my password") using the original email address you registered with. You will be sent an email with a link to reset your password for that member account.

The old vBulletin forum was converted to phpBB format, requiring the passwords to be reset. If this is a problem for some because of a forgotten email address, please feel free to re-register with a new username. We are happy to welcome old and new members back to the forums! Thanks.

All new accounts are manually activated before you can post. Any questions can be PM'ed to Kayaker.

Practical attack on RC4 encryption

To discuss DES MD5 El-Gamal RSA PGP and others....
Locked
User avatar
OHPen
Posts: 399
Joined: Wed Nov 06, 2002 1:20 pm
Location: .text

Practical attack on RC4 encryption

Post by OHPen »

Hi,

these days I'm facing a crypto problem with RC4 encryption.

I know that there is a function which constructs the RC4 key, which is used to initialize the state. The key is 20 bytes large and constructed by function which receives two parameters. one parameter is 20 byte large and known to me, the other parameter is 32 byte long and not known to me. the algorithm inside the key construction function is proprietary and also unknown. after the key construction "merges" the two parameters somehow the final key is returned and can be used for enc/dec operation.

I own parts of the original plain text, lets says something about 4 - 16 bytes of a message which can be up to 256 bytes long. the bytes which are known are at the beginning of the message.


I'm everything else but a crypto guru so I have two quests to the gurus:

1. As i know parts of the seeds which are used to construct the key, is it ( not only virtually ;) ) possible to bruteforce the original key by use of the supplied information within a reasonable amount of time ?

2. If not, is there any other approach which my work to recover the original key from the supplied information ?


I read a few papers regarding attacks on RC4, but i have to admit, that most of them are quite loaded with lots of math. So if you have an explanation for me which is also intended for a non-math guru, it would be great!!!


Thanks in advance!



Regards,
OHPen.
- Reverse Enginnering can be everything, but sometimes it's more than nothing. Really rare moments but then they appear to last ages... -
User avatar
OHPen
Posts: 399
Joined: Wed Nov 06, 2002 1:20 pm
Location: .text

Post by OHPen »

Ok, so I found a solution my problem. I was able to identify the nature of the first parameter, which was unknown to me. Knowing what type of information is supplied + some side information i was able to reduce the key space and a brute force attack can be executed within a reasonable amout of time.

So no more krypto analysis needed.

Nevertheless if we have some RC4 expert here, feel free to answer anyway, I really would appreciate it!

Regards,
OHPen
- Reverse Enginnering can be everything, but sometimes it's more than nothing. Really rare moments but then they appear to last ages... -
Locked