Statistical Attack on RC4: Distinguishing WPA

In this paper we construct several tools for manipulating pools of biases in the analysis of RC4. Then, we show that optimized strategies can break WEP based on 4000 packets by assuming that the first bytes of plaintext are known for each packet. We describe similar attacks for WPA. Firstly, we describe a distinguisher for WPA of complexity 2^43 and advantage 0.5 which uses 2^40 packets. Then, based on several partial temporary key recovery attacks, we recover the full 128-bit temporary key by using 2^38 packets. It works within a complexity of 2^96. So far, this is the best attack against WPA. We believe that our analysis brings further insights on the security of RC4.

Statistical Attack on RC4: Distinguishing WPA

Attacks on some post-quantum cryptographic protocols: The case of the Legendre PRF and SIKE

Cryptanalysis of LowMC instances using single plaintext/ciphertext pair

Computational aspects of correlation power analysis

Cryptanalysis of LowMC instances using single plaintext/ciphertext pair

Attacks on some post-quantum cryptographic protocols: The case of the Legendre PRF and SIKE

Computational aspects of correlation power analysis