|Method breaking RC4|
In Singapore last week held a conference cryptographic Fast Software Encryption, the main event of which was the performance of the American professor Dan Bernstein (Dan Bernstein), who introduced a method of bypassing security protocols Transport Layer Security (TLS) and Secure Sockets Layer (SSL), if they use an algorithm encryption RC4.
This cipher in 1987, was created by Ron Rivest and is represented by RSA Security. Since then, thanks to the simplicity of the software and hardware implementation, it is widely used in a variety of security solutions, including TLS and SSL. Until recently, no developer is not of practical hacking techniques RC4.
A successful attack on the cipher can be implemented due to the lack of random bit stream that is transmitted message. If you run through this flow of a large number of network packets, you can identify a sufficient number of repetitive patterns in order to get the original message content.
For a successful attack to capture a large amount of encrypted traffic. Researchers report that he was able to bypass the security of TLS for 32 hours, but hackers can use various techniques to optimize and accelerate the process of breaking RC4.
Presentation slides from the conference Fast Software Encryption can be found here .