Tumblelog by Soup.io
Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

June 29 2016


The way to Crack RC4 Encryption in WPA-TKIP and TLS

Transport Layer Security (TLS) Hack 2016
Security scientific study has developed a more practical and feasible attack technique resistant to the RC4 cryptographic algorithm that may be still widespread to encrypt communications on the net.

Despite being early, RC4 (Rivest Cipher 4) is still the most favored cryptographic cipher implemented in lots of popular protocols, including:

 SSL (Secure Socket Layer)
 TLS (Transport Layer Security)
 WEP (Wired Equivalent Privacy)
 WPA (Wi-Fi Protected Access)
 Microsoft�s RDP (Remote Desktop Protocol)
 and many more

However, weaknesses inside algorithm have been located in the past, indicating how the RC4 should be wiped from the web. But, yet about 50% of most TLS users are currently protected utilizing the RC4 encryption algorithm.

Now, the matter got worse, when two Belgian security researchers demonstrated a much more practical attack against RC4, allowing an attacker to subsequently expose encrypted information in a much shorter length of time than once was possible.

Attack on RC4 with 94% Accuracy
Transport Layer Security (TLS) Hack 2016
An episode on RC4 demonstrated in 2013 required in excess of 2,000 hours to complete. However, a more successful attack was presented this coming year in March, which focused on password recovery attacks against RC4 in TLS and required about 312 to 776 hours to complete.

Don't be the product, buy the product!