17-07-2012, 03:02 PM
Enhancing RC4 algorithm for secure communication in WLAN protocol
Enhancing RC4 algorithm for WLAN WEP Protocol.docx (Size: 58.14 KB / Downloads: 26)
Abstract: Wireless Local Area (WLAN) has become a hot spot of application in the field of telecommunication these years. To secure WLAN for data transmission, RC4 algorithm is able to provide the advantages of fast performance in the resource constrained environment. This paper analyzes the security of RC4 algorithm, presents a way to enhance the security of RC4 algorithm and analysis the affection of the enhanced algorithm by using MD5/hash function.
Key Words: RC4, WEP, WLAN
1 Introduction
Wireless Local Area Network (WLAN) is the network that utilizes radio frequency technology instead of traditional coaxial. WLAN is widely used in many conditions, especially when it’s difficult to install traditional network. As the openness and sharing of wireless channel nature, the security of wireless data stream becomes particularly prominent [1].IEEE802.11 standard for WLAN defines two types of authentication open system authentication and shared key authentication, and uses RC4 stream encryption algorithm of the Wired Equivalent Protection (WEP) protocol to enhance its security. However, the facts show that the WEP protocol has not met the desired level of safety. On the contrary, WEP itself also has fatal security flaws, tampering with the data for a variety of active attacks and passive eavesdropping on the data provided to facilitate aggression. WEP uses the Initial Vector (IV) to avoid duplication of key stream. Beginning in 2001, several serious weaknesses were reported and they demonstrate that WEP protocol is vulnerable in a number of areas. In essence, the problem is not in RC4 itself but in the way to generate the key and in how to use the key for RC4 encryption. Many hackers and
computer security experts have discovered the WEP design flaws, which indicate that IEEE802.11 standards can only provide limited support to confidentiality. WEP provides a 40-bit key, which may be sufficient to keep away a common hacker but incapable to ward off a professional hacker. Either a 40-bit key or a 128-bit key can be easily cracked within two or three hours. RC4 is probably the most widely used stream cipher nowadays due to its simplicity and high efficiency. This paper focuses on the research to enhance RC4 algorithm. The rest of the paper is organized as follows. RC4 algorithm is introduced in Section 2. In Section 3, we present the RC4 encryption and decryption. The weakness of RC4 is presented in Section 4. In Section 5, we provide analysis of the main attack. Section 6 introduces the improvement of RC4. Section 7 concludes this paper.
2 RC4 Algorithm
The principle of RC4 algorithm consists of two
Components: key-scheduling algorithm (KSA) and pseudo-random number generation algorithm (PRGA). The key function of KSA is to complete initialization of RC4 Key, while the key function of PRGA is to produce pseudo-random number. The pseudo code for RC4 algorithm (KSA and PRGA) is shown below.
KSA
Begin
for i=0 to 255
Si=i;
Ki=K[i mod n];
End
For k=0;
for i=0 to 255
j=(j+Si+Ki) mod 256
swap(Si,Sj)
end for
end
PRGA
begin
i=0;
j=0;
while(true)
i=(i+1) mod 256
j=(j+Si) mod 256;
swap(Si,Sj);
t=(Si+Sj) mod 256
K=St;
end loop
end
Stream ciphers and block ciphers are two classes of encryption algorithms. Stream ciphers encrypt a one-bit plaintext at a time, using a time-dependent encryption transformation. Block ciphers encrypt groups of plaintext characters using a fixed encryption transformation. Stream
Ciphers and block ciphers have their respective
characteristics, but stream ciphers are almost always faster and use far less code than block ciphers do. RC4 is a variable key-size stream cipher based on a 256-byte secret internal state and two one-byte indexes. The data is encrypted by XORing data with the key stream which is generated by RC4 from a base key. For a given base key, KSA generates an initial permutation state denoted by S0. PRGA is a repeated loop procedure and each loop generates a one-byte pseudo-random output as the stream key. At each loop, a one-byte stream key is generated and it
is XORed with one-byte of the plaintext, in the meantime a new 256-byte permutation state S as well as two one-byte indices i and j are updated, which defined by (Sk+1, ik+1, jk+1) = PRGA(Sk, ik, jk) where ik+1and jk+1 are the indices and Sk+1 is the state updated from ik, jk, and Sk by
applying one loop of PRGA.
3 RC4 Encryption and Decryption
The encryption process of WEP is shown in Figure1, WEP uses 40-bit or 104-bit encryption key connected with 24-bit IV to generate 64-bit or 128-bit seed key, and then send the seed key to a random generator PRNG, encrypt the plaintext with pseudo-random sequence [2]. System uses CRC32 (32-bit cyclic checksum) for integrity verifying to ensure that the message will not be modified during transmission that sends IV, plaintext and integrity check value (ICV) to the other [3]. The decryption process of WEP is shown in Figure 1. The decryption key sequence is generated in the same way that generates encryption key, XORed with cipher text to get the
plaintext. Compare ICV with integrity check value ICV ' calculated by CRC32, if the encryption key is the same as decryption key, and ICV '= ICV, then the receiver gets the original plaintext data. Many encryption algorithms are widely available in wired
networks. They can be categorized into a symmetric key encryption. In symmetric key encryption and secret key encryption, only one key is used to encrypt and decrypt data and the key should be distributed before transmission between entities. It is also very efficient since the key size
can be small, while the functions used for encryption are hardware operations, and the encryption time can be very short. However, in large communication networks, key distribution can be a significant problem. Asymmetric key encryption or public key encryption is used to solve the key distribution problem. This uses two keys, one for encryption and another for decryption, and there is no need for distributing them prior to transmission. Public key encryption is based on mathematical functions, computationally intensive and not very efficient for small wireless devices.
Generally, most encryptions used in wireless devices are based on symmetric key encryption, such as RC4. RC4 is a stream cipher designed by Ron Rivest in 1987 and it is widely used in many applications today and in wireless networks such as IEEE 802.11 WEP and CDPD. With a unique key, a stream of pseudo-random numbers is generated, and then the encryption of data XORs the pseudo-random numbers from the stream with the data. RC4 is known to be fast and efficient, for it can be written using only a few lines of codes and requires only 256 bytes of random access memory (RAM). Hence, it is one of the best encryption schemes during the past decade. RC4 is standardized to provide security services in WLAN using the WEP protocol. However, Fluhrer and many researchers have discovered several vulnerabilities in the RC4 algorithm. The weaknesses in RC4 and loopholes in the WEP protocol have resulted in a new standard for security in WLAN (IEEE 802.11i) proposing a new protocol based on the advanced encryption standard (AES). AES is a block cipher designed by Joan Daemen and Vincent Rijmen that has a variable key length of 128, 192, or 256 bits to encrypt data blocks of 128, 192, or 256 bits long. Both block and key length are extensible to multiples of 32 bits. AES encryption is fast and flexible, and it can be implemented on various platforms especially in small devices and smart
cards. Also, AES has been rigorously tested for security loopholes for a few years before it was standardized by NIST.Figure 1 shows the process of encryption and the reverse of this is decryption.