著者
Yuhei Watanabe Takahiro Iriyama Masakatu Morii
出版者
Information Processing Society of Japan
雑誌
Journal of Information Processing (ISSN:18826652)
巻号頁・発行日
vol.25, pp.288-295, 2017 (Released:2017-03-15)
参考文献数
16

WEP has serious vulnerabilities, and they cause various key recovery attacks. Although a more secure protocol such as WPA2 is recommended, according to each research by IPA and Keymans NET, WEP is still widely used because of the lack of knowledge about security of the wireless LAN. On the other hand, it takes large costs to replace a wireless LAN equipment in large-scale facilities. They need a secure method which can be used on their equipment by updating the firmware of WEP. In 2011, Morii, one of us, et al. showed IVs which prevented the Klein attack, the PTW attack, and the TeAM-OK attack. However, they did not present how to obtain such IVs and evaluate security of them. This paper shows the secure method of WEP and how to use it as fast as WEP. We show an IV which prevents the establishment of previous key recovery attacks. Moreover, we show how to use our IV efficiently on the operation of WEP. Our method requires about 1.1 times the processing time for the encryption than WEP. As a result, our method can prevent previous key recovery attacks and realize communication as fast as WEP.
著者
Keisuke Furumoto Masakatu Morii
雑誌
情報処理学会論文誌 (ISSN:18827764)
巻号頁・発行日
vol.59, no.4, 2018-04-15

In recent years, QR code is used in various situations such as in medical prescription and the boarding procedure at the airport in addition to conventional applications. With expanding application, there are some QR codes that cannot be read by the conventional method. In this paper, we refer to this kind of QR code as obfuscated QR code. Considering the situation that the QR code is more common, improving the encoding method is not realistic. Hence, in reading obfuscated QR code, improving only the decoding method is required. In general, Euclidean decoding is used in the decoding method of QR code. On the other hand, Generalized Minimum Distance (GMD) decoding has been proposed. GMD decoding is a method of approximately performing maximum likelihood decoding by using information of the likelihood of each symbol called reliability. However, a method for calculating the reliability information of each symbol of the two-dimensional code has not been proposed. In this paper, we propose a method of calculating reliability information using the graphical features of QR code. Then, we show the proposed method is more useful in recognition accuracy of an obfuscated QR code than the conventional method using Euclidean decoding.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.26(2018) (online)DOI http://dx.doi.org/10.2197/ipsjjip.26.350------------------------------
著者
Masakatu MORII Yosuke TODO
出版者
The Institute of Electronics, Information and Communication Engineers
雑誌
IEICE TRANSACTIONS on Information and Systems (ISSN:09168532)
巻号頁・発行日
vol.E94-D, no.11, pp.2087-2094, 2011-11-01

In recent years, wireless LAN systems are widely used in campuses, offices, homes and so on. It is important to discuss the security aspect of wireless LAN networks in order to protect data confidentiality and integrity. The IEEE Standards Association formulated some security protocols, for example, Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access Temporal Key Integrity Protocol (WPA-TKIP). However, these protocols have vulnerability for secure communication. In 2008, we proposed an efffective key recovery attack against WEP and it is called the TeAM-OK attack. In this paper, first, we present a different interpretation and the relation between other attacks and the TeAM-OK attack against WEP. Second, we present some existing attacks against WPA-TKIP and these attacks are not executable in a realistic environment. Then we propose an attack that is executable in a realistic environment against WPA-TKIP. This attack exploits the vulnerability implementation in the QoS packet processing feature of IEEE 802.11e. The receiver receives a falsification packet constructed as part of attack regardless of the setting of IEEE 802.11e. This vulnerability removes the attacker's condition that access points support IEEE 802.11e. We confirm that almost all wireless LAN implementations have this vulnerability. Therefore, almost all WPA-TKIP implementations cannot protect a system against the falsification attack in a realistic environment.
著者
Ryoichi TERAMURA Toshihiro OHIGASHI Hidenori KUWAKADO Masakatu MORII
出版者
The Institute of Electronics, Information and Communication Engineers
雑誌
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences (ISSN:09168508)
巻号頁・発行日
vol.E94-A, no.1, pp.10-18, 2011-01-01

Conventional class of weak keys on RC4 stream cipher is defined as a specific case that combinations of the first three bytes of secret key satisfy two relational equations. This paper expands and generalizes the classes of weak keys using generalized relational equations and special classes of the internal state (called predictive state). We derive the probability that generalized classes of weak keys leak the information of bytes of the secret key. Furthermore, we enumerate the generalized classes of weak keys and show that most of them leak more information of the secret key than Roos' one.
著者
Ryoichi TERAMURA Yasuo ASAKURA Toshihiro OHIGASHI Hidenori KUWAKADO Masakatu MORII
出版者
The Institute of Electronics, Information and Communication Engineers
雑誌
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences (ISSN:09168508)
巻号頁・発行日
vol.E93-A, no.1, pp.164-171, 2010-01-01

Conventional efficient key recovery attacks against Wired Equivalent Privacy (WEP) require specific initialization vectors or specific packets. Since it takes much time to collect the packets sufficiently, any active attack should be performed. An Intrusion Detection System (IDS), however, will be able to prevent the attack. Since the attack logs are stored at the servers, it is possible to prevent such an attack. This paper proposes an algorithm for recovering a 104-bit WEP key from any IP packets in a realistic environment. This attack needs about 36,500 packets with a success probability 0.5, and the complexity of our attack is equivalent to about 220 computations of the RC4 key setups. Since our attack is passive, it is difficult for both WEP users and administrators to detect our attack.