Computing Reviews
On non-negligible bias of the first output byte of RC4 towards the first three bytes of the secret key
Paul G., Rathi S., Maitra S. Designs, Codes and Cryptography 49 (1-3): 123-134, 2008. Type: Article
Date Reviewed: Feb 12 2009

RC4, developed by Ron Rivest in 1987, is a stream cipher widely used in commercial software applications. Since RC4 is implemented without linear feedback shift registers (LFSRs), it is well suited to software implementation. To produce a pseudorandom keystream, the RC4 cipher has two main parts: the key-scheduling algorithm (KSA) and the pseudorandom generation algorithm (PRGA). Many researchers have uncovered weaknesses in RC4. In 2001, Fluhrer, Mantin, and Shamir discovered several weaknesses in the KSA [1]. More recently, Klein presented an improved attack on RC4 that uses correlations between the RC4 keystream and the key [2].

Tews, Weinmann, and Pyshkin demonstrated an attack on 104-bit RC4 in less than 60 seconds [3]. Therefore, the RC4 cipher is no longer recommended for use in new applications.

In this paper, the authors point out another weakness of RC4 by showing a correlation between the first byte of the RC4 keystream output and the sum of the first three bytes of the secret key. As mentioned above, correlations between the keystream and specific secret keys have been observed and published in several other papers. This paper is the first to prove the keystream's correlation with an arbitrary key, so the result may be more useful for the future design and analysis of ciphers. Besides the main contribution, the authors provide theoretical proofs of some experimental observations about weak keys in the RC4 stream cipher.
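The experiment below is an added illustration, not code from the paper or the reviewer: it implements the RC4 KSA and the first PRGA step, then measures over random 128-bit keys how often the first keystream byte Z1 equals K[0]+K[1]+K[2]+d (mod 256) for each offset d. The offset d = 3 singled out in the code is my recollection of the paper's relation (the page itself only says "the sum of the first three bytes"); the key length, key count and seed are assumptions chosen to keep the run short and reproducible.

```python
"""Measure the bias of RC4's first keystream byte towards the sum of the
first three key bytes (added example; offset +3 and all parameters are
assumptions, not taken from the page)."""
import random
from collections import Counter


def rc4_ksa(key: bytes) -> list:
    """RC4 key-scheduling algorithm: return the 256-entry permutation S."""
    S = list(range(256))
    j = 0
    klen = len(key)
    for i in range(256):
        j = (j + S[i] + key[i % klen]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_first_byte(key: bytes) -> int:
    """Run exactly one PRGA step and return the first keystream byte Z1."""
    S = rc4_ksa(key)
    i, j = 1, S[1]                     # i = 0 + 1, j = 0 + S[1]
    S[i], S[j] = S[j], S[i]
    return S[(S[i] + S[j]) & 0xFF]


def first_byte_bias(num_keys: int = 50000, key_len: int = 16, seed: int = 1) -> dict:
    """For random keys, histogram the offset (Z1 - K[0] - K[1] - K[2]) mod 256.
    A uniform Z1 would put about num_keys/256 keys in every bucket; the bias
    shows up as an excess in the bucket for offset 3."""
    rng = random.Random(seed)          # fixed seed: constructed, reproducible keys
    hist = Counter()
    for _ in range(num_keys):
        key = bytes(rng.getrandbits(8) for _ in range(key_len))
        z1 = rc4_first_byte(key)
        hist[(z1 - key[0] - key[1] - key[2]) & 0xFF] += 1
    p3 = hist[3] / num_keys
    return {
        "p_offset3": p3,               # observed Pr[Z1 == K0+K1+K2+3]
        "uniform": 1 / 256,            # what an unbiased first byte would give
        "ratio": p3 * 256,             # > 1 means Z1 leaks the key-byte sum
        "best_offset": max(hist, key=hist.get),
    }


if __name__ == "__main__":
    r = first_byte_bias()
    print(f"Pr[Z1 = K0+K1+K2+3] = {r['p_offset3']:.5f} "
          f"(uniform {r['uniform']:.5f}, ratio {r['ratio']:.2f})")
```

Because this bias is a property of the KSA rather than of a particular key, a detector cannot fix it; the only mitigation is to retire RC4, which is the reviewer's conclusion above.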

Reviewer: Hao Wang. Review #: CR136507 (0910-0952)
1) Fluhrer, S.; Mantin, I.; Shamir, A. Weaknesses in the key scheduling algorithm of RC4. In Selected Areas in Cryptography, Lecture Notes in Computer Science (LNCS). Springer, Berlin/Heidelberg, 2001.
2) Klein, A. Attacks on the RC4 stream cipher. Designs, Codes and Cryptography 48, 3 (2008), 269-286.
3) Tews, E.; Weinmann, R.; Pyshkin, A. Breaking 104 bit WEP in less than 60 seconds. In Information Security Applications, Lecture Notes in Computer Science (LNCS). Springer, Berlin/Heidelberg, 2008.
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®