Attack breaks RC4 cipher in 75 hours, busts SSL, WPA

Researchers have found yet another way to attack the aging RC4 stream cipher, an encryption scheme still used by many websites' SSL setups and the legacy Wi-Fi encryption protocol WPA-TKIP. The new attack only requires 75 hours' worth of collected data, or 52 hours if JavaScript is injected into a victim's browser.

The RC4 cipher has been under scrutiny for quite some time. Several research papers detail a variety of methods that would make an attack computationally feasible. The previous minimum data collection time that ...

Read more...