Abstract
A new bias is detected in the key scheduling algorithm of RC4, and a novel framework that advantageously combines this new bias with the existing ones is proposed. Using the new bias, a different algorithm is proposed to retrieve the RC4 key given the state table. The new method not only improves the success probability but also provides a more efficient way of calculation in comparison with the previous methods for any key size. The efficiency of the algorithm is demonstrated experimentally. If the key length is 40 bits, the secret key is retrieved with a 99% success rate in 0.007 seconds. The success probability for retrieving the 128-bit RC4 key is also increased significantly. A 128-bit key can be retrieved with a 3% success rate in 185 seconds and a 7.45% success rate in 1572 seconds on a 2.67 GHz Intel CPU.
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Akgün, M., Kavak, P., Demirci, H. (2008). New Results on the Key Scheduling Algorithm of RC4. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds) Progress in Cryptology - INDOCRYPT 2008. INDOCRYPT 2008. Lecture Notes in Computer Science, vol 5365. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89754-5_4
DOI: https://doi.org/10.1007/978-3-540-89754-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89753-8
Online ISBN: 978-3-540-89754-5
eBook Packages: Computer Science (R0)