
Paper: Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS

Abstract
Despite recent high-profile attacks on the RC4 algorithm in TLS, its usage is still running at
about 30% of all TLS traffic. This is attributable to the lack of practicality of the existing attacks,
the desire to support legacy implementations, and resistance to change. We provide new attacks
against RC4 in TLS that are focussed on recovering user passwords, still the pre-eminent means
of user authentication on the Web today. Our attacks enhance the statistical techniques used in
the existing attacks and exploit specific features of the password setting to produce attacks that
are much closer to being practical. We report on extensive simulations that illustrate this. We
also report on two “proof of concept” implementations of the attacks for specific application
layer protocols, namely BasicAuth and IMAP. Our work validates the truism that attacks only
get better with time: we obtain good success rates in recovering user passwords with around 2^26
encryptions, whereas the previous generation of attacks required 2^34 encryptions to recover an
HTTP session cookie.

More here: http://www.isg.rhul.ac.uk/tls/RC4passwords.pdf
