Suppose that Trudy has a ciphertext message that was encrypted with the RC4 cipher—see Tables 3.1 and 3.2. For RC4, the encryption formula is given by c; = pi Θ fcj, where fc; is the ith byte of the keystream, Pi is the ith byte of the plaintext, and Cj is the ith byte of the ciphertext. Suppose that Trudy knows the first ciphertext byte, and the first plaintext byte, that is, Trudy knows Co and po.
a. Show that Trudy can determine the first byte of the keystream ko.
b. Show that Trudy can replace CQ with CQ, where c0 decrypts to a byte of Trudy's choosing, say, p'Q.
c. Suppose that a CRC [326] is used to detect errors in transmission. Can Trudy's attack in part b still succeed? Explain.
d. Suppose that a cryptographic integrity check is used (either a MAC, HMAC, or digital signature). Can Trudy's attack in part b still succeed? Explain.
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here