
International Journal of Advances in Engineering Research http://www.ijaer.com/index.html (IJAER) 2011, Vol.No.I, Issue No.1, January.

ENHANCEMENT OF WIRELESS SECURITY BY ELIMINATING WEAKNESSES IN RC4 ALGORITHM


Sandeep Sharma, Research Scholar, Manav Bharti University, Solan, H.P.
Ritesh Rastogi, Research Scholar, Manav Bharti University, Solan, H.P.

ABSTRACT

Nowadays Wi-Fi or wireless networks (IEEE 802.11) are the most widely used, and authentication of the intended user and data security by encryption are necessary to protect the data and to avoid unauthorized access to the network. For a long time (more than 15 years) the same basic algorithm has been used to provide security in the wireless medium. RC4, RC5, RC6 and AES were used from time to time to provide strength against attacks; some papers show key recovery and breaking of the RC4 cryptosystem in 60 seconds or less. In this paper I present a modification to the very basic RC4 algorithm to make it more secure and attack resistant. The symmetric ciphers used in RC4 are generated by another random number generation technique, which makes it stronger against various attacks such as brute force and dictionary attacks.

Keywords: WEP- Wired Equivalent Privacy, WPA-Wi-Fi Protected Access, IEEE 802.11, RC4

INTRODUCTION

An increasing number of government agencies, businesses, and home users are using wireless technologies in their environments. People should be aware of the security risks related to wireless technologies because they need to develop strategies that will increase risks as they join together wireless technologies into their IT environments. There are many wireless security technologies that can be implemented for better security, for example, WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) [8] and VPN (Virtual Private Network). The popularity of wireless networks is causing many engineers to analyze weaknesses and vulnerabilities in current wireless protocols. In the 802.11 standard an optional encryption protocol called Wired Equivalent Privacy (WEP) is used to make wireless traffic as secure as wired network traffic. WEP's duty is to encrypt packets and authenticate wireless LAN adapters. WEP is implemented at the data-link layer on all Wi-Fi compliant devices. RC4 is used as the encryption algorithm in WEP, which has been thoroughly analyzed and thought of as secure. WEP suffers from the following weaknesses:
- A shared key weakness
- No per-packet authentication
- Vulnerability to disassociation attacks
- No user identification and authentication
- No central authentication, authorization, and accounting support
- RC4 is vulnerable to known plaintext attacks

To address these concerns IEEE has replaced WEP with a patch called WSA. These new revisions to the original 802.11 standard will be used in the new version of security protocols 802.11i and 802.1X. [7]

This paper will discuss the weaknesses and vulnerabilities of WEP and solutions to WEP's security concerns and provide input to the design of future 802.11 protocols.

1. RC4

The RC4 keystream generator (Ron's Code #4, RSA Data Security Inc., 1987) is based on the table-shuffling principle and is designed for fast software implementation. It is used in many commercial products, including Lotus Notes, Oracle Secure SQL, Microsoft Windows, as well as some standards such as Secure Sockets Layer standard SSL 3.0. RC4 is, in fact, a family of algorithms parameterized by a positive integer n, which denotes the width of a table entry and also the width of an output symbol in bits (usually n = 8). The initial table is derived from a secret key. The table varies slowly in time steps by swapping two entries indexed by two pointers, while all other entries in the table remain the same. A sequence of output symbols makes the stream, which is XORed with the plaintext to generate the final cipher text. Since the output sequence depends on the initial table only, knowledge of this table enables generating the output sequence without knowing the secret key.

RC4 generates a pseudorandom stream of bits (a keystream) which, for encryption, is combined with the plaintext using XOR; decryption is performed the same way. To generate the keystream, the cipher makes use of a secret internal state which consists of two parts:
1. A permutation of all 256 possible bytes (denoted "S" below).
2. Two 8-bit index-pointers (denoted "i" and "j").

The permutation is initialized with a variable length key, typically between 40 and 256 bits, using the key-scheduling algorithm (KSA). Once this has been completed, the stream of bits is generated using the pseudo-random generation algorithm (PRGA).

2.1 THE KEY-SCHEDULING ALGORITHM (KSA)

The key-scheduling algorithm is used to initialize the permutation in the array "S". "keylength" is defined as the number of bytes in the key and can be in the range 1 ≤ keylength ≤ 256, typically between 5 and 16, corresponding to a key length of 40 to 128 bits. First, the array "S" is initialized to the identity permutation. S is then processed for 256 iterations in a similar way to the main PRGA algorithm, but also mixes in bytes of the key at the same time.

    for i from 0 to 255
        S[i] := i
    endfor

    j := 0
    for i from 0 to 255
        j := (j + S[i] + key[i mod keylength]) mod 256
        swap(S[i],S[j])
    endfor


2.2 THE PSEUDO-RANDOM GENERATION ALGORITHM (PRGA)

Figure 1. PRGN. The lookup stage of RC4. The output byte is selected by looking up the values of S(i) and S(j), adding them together modulo 256, and then looking up the sum in S; S(S(i) + S(j)) is used as a byte of the key stream, K.

For as many iterations as are needed, the PRGA modifies the state and outputs a byte of the keystream. In each iteration, the PRGA increments i, adds the value of S pointed to by i to j, exchanges the values of S[i] and S[j], and then outputs the value of S at the location S[i] + S[j] (modulo 256). Each value of S is swapped at least once every 256 iterations.

    i := 0
    j := 0
    while GeneratingOutput:
        i := (i + 1) mod 256
        j := (j + S[i]) mod 256
        swap(S[i],S[j])
        output S[(S[i] + S[j]) mod 256]
    endwhile

2. SECURITY FLAWS OF RC4 ALGORITHM

RC4 falls short of the standards set by cryptographers for a secure cipher in several ways, and thus is not recommended for use in new applications. The keystream generated by RC4 is slightly biased in favour of certain sequences of bytes. The best attack based on this bias is due to Fluhrer and McGrew, which will distinguish the keystream from a random stream given a gigabyte of output. RC4 does not take a separate nonce alongside the key. Such a nonce is, in general, a necessary requirement for security, so that encrypting the same message twice produces a different cipher text each time. One approach to addressing this is to generate a "fresh" RC4 key by hashing a long-term key with a nonce. However, many applications that use RC4 simply concatenate key and nonce; RC4's weak key schedule [9] then gives rise to a variety of serious problems.

3.1 FLUHRER, MANTIN AND SHAMIR ATTACK [6]

In 2001 a new and surprising discovery was made by Fluhrer, Mantin and Shamir: over all possible RC4 keys, the statistics for the first few bytes of output keystream are strongly non-random, leaking information about the key. If the long-term key and nonce are simply concatenated to generate the RC4 key, this long-term key can be discovered by analyzing a large number of messages encrypted with this key. This and related effects were then used to break the WEP (Wired Equivalent Privacy) encryption used with 802.11 wireless networks. This caused a scramble for a standards-based replacement for WEP in the 802.11 market, and led to the IEEE 802.11i effort and WPA. Cryptosystems can defend against this attack by discarding the initial portion of the keystream. Such a modified algorithm is traditionally called "RC4-drop[n]", where n is the number of initial keystream bytes that are dropped.

3.2 KLEIN'S ATTACK

In 2005, Andreas Klein presented an analysis of the RC4 stream cipher showing more correlations between the RC4 keystream and the key. Erik Tews, Ralf-Philipp Weinmann, and Andrei Pyshkin used this analysis to create aircrack-ptw, a tool which cracks 104-bit RC4 used in 128-bit WEP in under a minute. Whereas the Fluhrer, Mantin, and Shamir attack used around 10 million messages, aircrack-ptw can break 104-bit keys in 40,000 frames with 50% probability, or in 85,000 frames with 95% probability.


4. WEP

WEP [4] is a security protocol for WLAN defined in the 802.11b standard. The 802.11 standard describes the communication that occurs in WLAN. The algorithm of WEP is used to protect wireless communication from eavesdropping. It relies on a secret key that is shared between a mobile station and an access point. The secret key is used to encrypt packets before they are transmitted, and an integrity check is used to ensure that packets are not modified in transit. WEP is designed to make up for the inherent insecurity.

PROBLEMS WITH WEP

4.1 KEY GENERATION AND DISTRIBUTION PROBLEMS

The main downfall of the WEP protocol is the process of key generation for the RC4 stream cipher. Key generation is done by using a secret key of 40 or 104 bits appended with a 24-bit IV and then sent through the RC4 algorithm. The secret key is only 40 or 104 bits in length even though in many cases it is advertised as 64 bits or 128 bits respectively. With 40-bit keys the WEP protocol is very susceptible to brute force attacks. The IV is also too small at only 24 bits. An IV of 24 bits only allows 16,777,216 distinct IV values for a given WEP key.

4.2 INTEGRITY CHECK ALGORITHM PROBLEMS

The Integrity Check Algorithm used in WEP is based on the common Cyclic Redundancy Check (CRC-32). CRC-32 is not cryptographically secure to authenticate the message. It is used mainly as a way to detect bit errors that occur during transmission of the packet, not to authenticate the integrity of the message. CRC-32 is a simple mathematical computation that can easily predict a bit change, which means it is also easy to predict an ICV value of a forged packet. With modern computers it is easy to determine an ICV value that will authenticate the integrity of a forged packet. The CRC-32 function should really be a secure hash function such as SHA-1 or MD5.
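The integrity weakness described above, as an added Python example (not code from the paper): it checks that the CRC-32 ICV changes by an amount that depends only on which bits were changed, and contrasts it with a keyed HMAC-SHA-256 tag, which is this example's choice of replacement rather than the SHA-1 or MD5 the paper suggests. The keystream, MAC key, messages and all function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def icv(msg):
    """WEP-style integrity check value: CRC-32 of the plaintext."""
    return zlib.crc32(msg).to_bytes(4, "little")

def icv_delta(delta):
    """Change in the ICV when `delta` is XORed into any message of the same
    length. CRC-32 is affine over XOR, so no message or key is needed."""
    return xor(icv(delta), icv(bytes(len(delta))))

def mac(msg, mac_key):
    """Keyed tag used by the hardened variant (assumption: HMAC-SHA-256)."""
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def seal(msg, tag, ks):
    """Stream-encrypt message plus tag, as WEP does with message plus ICV."""
    return xor(msg + tag, ks)

def open_crc(ct, ks):
    pt = xor(ct, ks)
    msg, tag = pt[:-4], pt[-4:]
    return msg if tag == icv(msg) else None

def open_hmac(ct, ks, mac_key):
    pt = xor(ct, ks)
    msg, tag = pt[:-32], pt[-32:]
    return msg if hmac.compare_digest(tag, mac(msg, mac_key)) else None

# Constructed sample data; KS stands in for the RC4 keystream of one packet.
KS = hashlib.shake_256(b"constructed keystream").digest(64)
MAC_KEY = b"constructed mac key"
MSG = b"seq=0001;len=0040"
DELTA = xor(MSG, b"seq=0001;len=0940")   # the bits changed in transit

def modified_in_transit():
    """What each receiver accepts after the same bits change in transit."""
    crc_ct = xor(seal(MSG, icv(MSG), KS), DELTA + icv_delta(DELTA))
    mac_ct = xor(seal(MSG, mac(MSG, MAC_KEY), KS), DELTA + bytes(32))
    return open_crc(crc_ct, KS), open_hmac(mac_ct, KS, MAC_KEY)
```

The CRC receiver accepts the altered message because the ICV correction was computed without the keystream or the plaintext; the HMAC receiver rejects it.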


5. PROPOSED CHANGES TO EXISTING ALGORITHM

A. Increasing the number of bits for initializing the KSA. This will increase the time of key recovery and be more secure, as it takes a very long time to detect.

Average time required for exhaustive key search

Key Size (bits)   Number of Alternative Keys   Time required at 10^6 decryptions/µs
32                2^32 = 4.3 x 10^9            2.15 milliseconds
56                2^56 = 7.2 x 10^16           10 hours
128               2^128 = 3.4 x 10^38          5.4 x 10^18 years
168               2^168 = 3.7 x 10^50          5.9 x 10^30 years

Table 1. Approximate time of decryption

B. A new pseudo-random number generator

Pseudo-random number generators (PRNG) are widely used nowadays in computer systems for data encryption and simulation. They provide sequences of numbers whose statistical properties are similar to those of random numbers with a uniform distribution. Contrary to truly random numbers, pseudo-random numbers can be repeated if the initial state of the PRNG is the same. Thus, the sending and receiving sides use the same initial state and can produce the same sequence of numbers. An encryption is made by, for example, the bytewise XOR operation on the plaintext bytes and the bytes of a generated sequence, while decryption uses the same operation but on the cipher text and the generated sequence of numbers. Algorithm RC4 is one of the most widely used PRNGs. The security strength of a PRNG depends on the actual characteristics of the generated sequences. The period of a generated sequence is one of the most important characteristics of a PRNG. The period is the number of generated numbers after which the sequence of numbers repeats. The maximal number of non-repeated permutations of n numbers is known to be n!. The algorithm RC4 uses permutations of n=256 numbers, hence a period of RC4 may be about 256!, which is significantly greater than $10^{100}$, since by Stirling's formula $n! \approx n^n e^{-n} \sqrt{2\pi n}$ when $n \to \infty$, one can write $256! \approx 256^{256} e^{-256} \sqrt{2\pi \cdot 256} \approx 10^{500}$. Here an extension of the RC4 algorithm which guarantees period of generated sequences of the order to preserves good randomness.

A variable-length key of from 1 to 256 bytes is used to initialize a 256-byte state vector S, with elements S[0], S[1], ..., S[255]. The vector S contains a permutation of all 8-bit numbers from 0 to 255 at each time instant. For encryption and decryption, a byte k is generated from S by selecting one of the 256 entries in a systematic fashion. After the next value of k is generated, the entries in S are again permuted.

Initialization of S: Initialization of S is made as follows:

    /*Initialization part*/
    1 for (i=0, 255){
    2   S[i]=i;
    3   T[i]=K[i mod keylen];
    4 }

Here a temporary array T is filled using a key K of length keylen (line 3 of Initialization part). After that, the array T is used to produce the initial permutation S:

    /*Initial permutation part*/
    1 j=0;
    2 for (i=0,255){
    3   j=(j+S[i]+T[i]) mod 256;
    4   swap(S[i], S[j]);
    5 }

    /*Heap's algorithm*/
    1  for(i=N;i>1;i--)c[i]=1; i=2;
    2  process;
    3  do{
    4    if (c[i]<i){
    5      if (odd(i)) k=1;
    6      else k=c[i];
    7      swap(P[i],P[k]);
    8      c[i]=c[i]+1; i=2;
    9      process;
    10   }
    11   else {c[i]=1; i=i+1};
    12 } while (i<=N);

In the Heap's algorithm above, process (lines 2, 9) is a macro which is to be invoked each time the next permutation is ready; odd(i) is true if i is odd, otherwise it returns false. The next permutation in the Heap's algorithm is obtained by lines 3-12 and terminates in line 9 (normal termination). Heap's algorithm terminates in line 12 if all N! permutations are already generated. Hence, the RC4 algorithm can be represented as follows.

New algorithm.
1. RC4 Initialization part
2. RC4 Initial permutation part
3. Initialize permutation P=S (the first permutation for the change mechanism is the same as the initial permutation for RC4). Initialize RC4Counter.
4. Generate next RC4Counter permutations by RC4 Stream generation part
5. Find the next permutation after P by Heap's algorithm; it will be the new P.
6. S=P
7. Go to step 4.
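An added Python example, not the authors' code, that implements the KSA and PRGA of sections 2.1 and 2.2 together with the seven-step new algorithm above. The value of RC4Counter and the choice to carry i and j across each S=P reset are assumptions, since the paper fixes neither; all function names are hypothetical.

```python
def ksa(key):
    """Section 2.1: build the initial permutation S from a 1..256-byte key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("key must be 1..256 bytes long")
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    return S

def heap_next(P, c):
    """Move P to the next permutation in Heap's order (0-indexed form of the
    paper's listing). c keeps the counters between calls. Returns False once
    every permutation has been visited."""
    i = 1
    while i < len(P):
        if c[i] < i:
            k = 0 if i % 2 == 0 else c[i]
            P[i], P[k] = P[k], P[i]
            c[i] += 1
            return True
        c[i] = 0
        i += 1
    return False

def keystream(key, n, rc4_counter=0):
    """n keystream bytes. rc4_counter=0 is plain RC4; otherwise S is replaced
    by the next Heap permutation of P after every rc4_counter output bytes."""
    S = ksa(key)
    P, c = S[:], [0] * 256          # step 3: P = S
    i = j = 0
    out = bytearray()
    while len(out) < n:
        if rc4_counter and out and len(out) % rc4_counter == 0:
            heap_next(P, c)         # step 5
            S = P[:]                # step 6; i and j carry over (assumption)
        i = (i + 1) % 256           # section 2.2: one PRGA step
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)

def crypt(key, data, rc4_counter=0):
    """XOR data with the keystream; the same call encrypts and decrypts."""
    ks = keystream(key, len(data), rc4_counter)
    return bytes(d ^ k for d, k in zip(data, ks))

def all_heap_permutations(n):
    """Every ordering heap_next visits for n items, starting from 0..n-1."""
    P, c = list(range(n)), [0] * n
    seen = [tuple(P)]
    while heap_next(P, c):
        seen.append(tuple(P))
    return seen
```

Because step 4 runs before step 5, the first RC4Counter keystream bytes are exactly those of plain RC4, so the initial-byte statistics discussed in section 3.1 are unchanged by the modification.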

C. Pseudo-Random Number Generation through Special Numbers/Series - Narcissistic number

1. Armstrong number: a number that in a given base is the sum of its own digits to the power of the number of digits. To put it algebraically, let be an integer with representation $d_k d_{k-1} \ldots d_1$ in base-b notation. If

then n is a narcissistic number. For example, the decimal (base 10) number 153 has three digits and is a narcissistic number, because $1^3 + 5^3 + 3^3 = 153$.
2. Constant base numbers : for some m.
3. Perfect digit-to-digit invariants:
4. Ascending power numbers:
5. Friedman numbers
6. Sum-product numbers :
7. Dudeney numbers :
8. Factorions : where $d_i$ are the digits of n in some base.

6. CONCLUSION

The WEP protocol described in 802.11 is not sufficient for creating cryptographically secure communication between a wireless client and an access point. It will only stop the casual attacker, with virtually no security to protect a network from the professional hacker. The problems with WEP are as follows:
- Key Generation and Distribution [2]
- Weak IVs and Keys [1]
- Predictable Integrity Check algorithm (CRC-32)
- Freely available tools to break WEP/WPA [5]

The random number generation part of the RC4 algorithm is proposed to be modified so as to generate more secure cryptography. It also increases the time to break, and hence is more secure, by increasing the number of bits for key encryption, i.e. 2048. With the proposed random generation through special numbers or series, which are more powerfully random than others, the permutation and combination of these numbers will definitely create a more secure algorithm.


7. REFERENCES

[1] What's wrong with WEP? www.ilabs.interop.net/WLAN_Sec_2002Spring/ni_2002_las_wrong_wep.pdf
[2] Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards. http://www.nextcomminc.com/Key_Hopping.pdf
[3] Standards Will Fill Holes in WEP Authentication and Encryption. http://www.eweek.com/article2/0,3959,857776,00.asp
[4] Security of the WEP algorithm. http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
[5] AirSnort. http://airsnort.shmoo.com/
[6] Fluhrer S., Mantin I., Shamir A., Weaknesses in Key Scheduling Algorithm of RC4.
[7] Diving into the 802.11i Spec: A Tutorial. Dennis Eaton. http://www.commsdesign.com/design_corner/OEG20021126S0003
[8] Wi-Fi Protected Access. http://www.intersil.com
[9] Roos, A.: A class of weak keys in RC4 stream cipher (sci.crypt) (1995)

Authors would like to extend their heartfelt thanks for the academic and infrastructural support received from the University.

Both authors are in service with Noida Institute of Engineering and Technology, Greater Noida, NCR Delhi, INDIA.
