Detecting Man-in-the-Middle Attacks against Transport Layer Security Connections with Timing Analysis

The Transport Layer Security (TLS) protocol is a vital component to the protection of data as it traverses across networks. From e-commerce websites to Virtual Private Networks (VPNs), TLS protects massive amounts of private information, and protecting this data from Man-in-the-Middle (MitM) attacks is imperative to keeping the information secure. This thesis illustrates how an attacker can successfully perform a MitM attack against a TLS connection without alerting the user to his activities. By deceiving the client machine into using a false certificate, an attacker takes away the only active defense mechanism a user has against a MitM. The goal for this research is to determine if a time threshold exists that can indicate the presence of a MitM in this scenario. An analysis of the completion times between TLS handshakes without a MitM, with a passive MitM, and with an active MitM is used to determine if this threshold is calculable. Any conclusive findings supporting the existence of a timing baseline can be considered the first steps toward finding the value of the threshold and creating a second layer defense to actively protect against a MitM

Some Words on Cryptanalysis of Stream Ciphers

In the world of cryptography, stream ciphers are known as primitives used to ensure privacy over a communication channel. One common way to build a stream cipher is to use a keystream generator to produce a pseudo-random sequence of symbols. In such algorithms, the ciphertext is the sum of the keystream and the plaintext, resembling the one-time pad principal. Although the idea behind stream ciphers is simple, serious investigation of these primitives has started only in the late 20th century. Therefore, cryptanalysis and design of stream ciphers are important. In recent years, many designs of stream ciphers have been proposed in an effort to find a proper candidate to be chosen as a world standard for data encryption. That potential candidate should be proven good by time and by the results of cryptanalysis. Different methods of analysis, in fact, explain how a stream cipher should be constructed. Thus, techniques for cryptanalysis are also important. This thesis starts with an overview of cryptography in general, and introduces the reader to modern cryptography. Later, we focus on basic principles of design and analysis of stream ciphers. Since statistical methods are the most important cryptanalysis techniques, they will be described in detail. The practice of statistical methods reveals several bottlenecks when implementing various analysis algorithms. For example, a common property of a cipher to produce n-bit words instead of just bits makes it more natural to perform a multidimensional analysis of such a design. However, in practice, one often has to truncate the words simply because the tools needed for analysis are missing. We propose a set of algorithms and data structures for multidimensional cryptanalysis when distributions over a large probability space have to be constructed. This thesis also includes results of cryptanalysis for various cryptographic primitives, such as A5/1, Grain, SNOW 2.0, Scream, Dragon, VMPC, RC4, and RC4A. Most of these results were achieved with the help of intensive use of the proposed tools for cryptanalysis

MRC4: A Modified RC4 Algorithm using Symmetric Random Function Generator for Improved Cryptographic Features

The Rivest Cipher 4 (RC4) has been one of the most popular stream ciphers for providing symmetric key encryption, and is now proposed as an efficient cipher within light-weight cryptography. As an algorithm it has been considered to be one of the fastest stream ciphers and one of the easiest to implement. Unfortunately, despite its simplicity of usage, a number of attacks on it have been found. Therefore, various improvements of this algorithm exist in cryptography, but none of them use proper randomness. This paper outlines modified version of RC4 and which has the desirable features of an efficient stream cipher algorithm, and which integrates the Symmetric Random Function Generator (SRFG) method. Though RC4 uses pseudorandom features with an initialisation vector and a seed value, the use of true randomness in RC4 is novel in this domain. Therefore, this paper proposes a modified RC4 as MRC4, and which then evaluates the statistical features of MRC4 based upon parameters such as non-linearity, resiliency, balancedness, propagation and immunity. Further, we have compared the security features and confusion-diffusion attributes with some recent variants of RC4 and have found that MRC4 is efficient in withstanding against attacks. The experimental results show that MRC4 supports a 60% better confusion property and 50% better diffusion as compared to the original RC4 method

Design and Analysis of RC4-like Stream Ciphers

RC4 is one of the most widely used ciphers in practical software applications. In this thesis we examine security and design aspects of RC4. First we describe the functioning of RC4 and present previously published analyses. We then present a new cipher, Chameleon which uses a similar internal organization to RC4 but uses different methods. The remainder of the thesis uses ideas from both Chameleon and RC4 to develop design strategies for new ciphers. In particular, we develop a new cipher, RC4B, with the goal of greater security with an algorithm comparable in simplicity to RC4. We also present design strategies for ciphers and two new ciphers for 32-bit processors. Finally we present versions of Chameleon and RC4B that are implemented using playing-cards

An Effective RC4 Stream Cipher

RC4 is the most widely used stream cipher around. A lot of modifications of RC4 cipher can be seen in open literature. Most of them enhance the secrecy of the cipher and the security levels have been analyzed theoretically by using mathematics. In this paper, a new effective RC4 cipher is proposed and the security analysis has been done using Shannon’s Secrecy theories where numerical values are obtained to depict the secrecy. The proposed cipher is a combination of Improved RC4 cipher proposed by Jian Xie et al and modified RC4 cipher proposed by T.D.B Weerasinghe, which were published prior to this work. Combination is done in such a way that the concept used in the modified RC4 algorithm is used in the Improved RC4 cipher by Jian Xie et al. Importantly, an immense improvement of performance and secrecy are obtained by this combination. Hence this particular modification of RC4 cipher can be used in software applications where there is a need to improve the throughput as well as secrecy

The Impact of TLS on SIP Server Performance

This report studies the performance impact of using TLS as a transport protocol for SIP servers. We evaluate the cost of TLS experimentally using a testbed with OpenSIPS, OpenSSL, and Linux running on an Intel-based server. We analyze TLS costs using application, library, and kernel profiling, and use the profiles to illustrate when and how different costs are incurred, such as bulk data encryption, public key encryption, private key decryption, and MAC-based verification. We show that using TLS can reduce performance by up to a factor of 20 compared to the typical case of SIP over UDP. The primary factor in determining performance is whether and how TLS connection establishment is performed, due to the heavy costs of RSA operations used for session negotiation. This depends both on how the SIP proxy is deployed (e.g., as an inbound or outbound proxy) and what TLS options are used (e.g., mutual authentication, session reuse). The cost of symmetric key operations such as AES or 3DES, in contrast, tends to be small. Network operators deploying SIP over TLS should attempt to maximize the persistence of secure connections, and will need to assess the server resources required. To aid them, we provide a measurement-driven cost model for use in provisioning SIP servers using TLS. Our cost model predicts performance within 15 percent on average

Statistical weakness in Spritz against VMPC-R: in search for the RC4 replacement

We found a statistical weakness in the Spritz algorithm designed by Ronald L. Rivest and Jacob C. N. Schuldt. For N=8: Prob(output(x)=output(x+2)) = 1/N + 0.000498. The bias becomes statistically significant (for N=8) after observing about 2^21.9 outputs. Analogous bias occurs for N=16. We propose an algorithm (VMPC-R) which for N=8 produced 2^46.8 (31 million times more) outputs which remained undistinguishable from random in the same battery of tests. Supported by a series of additional statistical tests and security analyses we present VMPC-R as an algorithm we hope can be considered a worthwhile replacement for RC4