Given that RC4 is a stream cipher (I\'m pretty sure the details of its inner wor

Question

Given that RC4 is a stream cipher (I'm pretty sure the details of its inner workings don't matter for the sake of this argument) and the existence of Mixed Scripting / Mixed Display (web applications requesting and retrieving contents both over unencrypted and encrypted channels). Does the combination of a stream cipher encrypted SSL session and a mixed scripting / mixed display vulnerability not constitute grounds for an XOR attack?

I understand that if content is requested unencrypted we essentially have the plaintext, but what would one not be able to retrieve the SSL sessions symmetric encryption key using such an XOR attack? i.e. [encrypted request] XOR [unencrypted request] = some key bits?

Explanation / Answer

What you call the "XOR attack" is based upon the secret stream being reused; i.e. there is some secret stream S, data D that gets encrypted by XORing it with S, and some other data D' that gets encrypted by XORing it with the same secret stream S. In that case, if the attacker knows D he learns D'.

However, when RC4 is used in SSL, the key is brand new for that connection, and the various data elements that get encrypted are XORed with different parts of the stream. An important security feature of stream ciphers is indeed that key-dependent stream bytes cannot be guessed from knowledge of other bytes of the same stream. A good stream cipher is akin to a cryptographically secure PRNG: without knowledge of the key, chunks from the same stream still appear unrelated to each other.

(Of course RC4 has its own shortcomings, e.g. known biases; but, at least, SSL employs it properly, i.e. with a new key for each connection.)

Related Questions

Navigate

• Browse (All)
• Browse G
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.