A Practical Attack Against the Use of RC4 in the HIVE Hidden Volume Encryption System

8 years 8 days ago

Download eprint.iacr.org

The HIVE hidden volume encryption system was proposed by Blass et al. at ACM-CCS 2014. Even though HIVE has a security proof, this paper demonstrates an attack on its implementation that breaks the main security property claimed for the system by its authors, namely plausible hiding against arbitrary-access adversaries. Our attack is possible because of the HIVE implementation’s reliance on the RC4 stream cipher to ﬁll unused blocks with pseudorandom data. While the attack can be easily eliminated by using a better pseudorandom generator, it serves as an example of why RC4 should be avoided in all new applications and a reminder that one has to be careful when instantiating primitives.

Kenneth G. Paterson, Mario Strefler

Real-time Traffic

CCS 2015 | Security Privacy |

claim paper

Post Info
More Details (n/a)

Added	17 Apr 2016
Updated	17 Apr 2016
Type	Journal
Year	2015
Where	CCS
Authors	Kenneth G. Paterson, Mario Strefler

Comments (0)

Sciweavers

A Practical Attack Against the Use of RC4 in the HIVE Hidden Volume Encryption System

CCS 2015 | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers