| Abstract |
Despite the evergrowing use of block ciphers, stream ciphers are still widely used: satellite communications (military, diplomatic...), civilian telecommunications, software... If their intrinsic security can be considered as strong, the main drwaback lies in the high risk of key misuse wich introduces severe weaknesses, even for unconditionnally secure ciphers like the Vernam system. Such misuses are still very frequent, more than we could expect. In this talk we explain how to detect such misuses, to identify ciphertexts that are relevant to this misuse (among a huge amount of ciphertexts) and finally how to recover the underlying plaintext within minutes. This may also apply to (intendly or not) badly implemented block ciphers. To illustrate this technique, this talk will also deal with the technical cryptanalysis of encryption used in Office up to the 2003 version (RC4 based). We will focus on Word and Excel applications. The cryptanalysis has been successfully and we manage to recover more than 90% of the encrypted texts in a few seconds. The attack is based both on a pure mathematical effort AND a few basic forensic approach. In a more general cases (e.g. satellite communications), we just need to intercept ciphertexts. In the Office case, we will explain in our sense that the attack does not rely on particular weakness but in a setting that can be seriously considered and described as a possible intended trap. We will develop this concept to explain how in a more general way such trap can be built.
|
top
