Results on significant anomalies of state values after key scheduling algorithm in RC4

It is already known that the internal permutation of the stream cipher RC4 generally deviates from a random permutation. These deviations are termed biases, and theoretical justifications for them have been reported since early 2000. However, several biases (anomalies) have not been proven to date. In this study, the authors provide theoretical proofs of all significant anomalies of RC4 in the 16-byte key setting. In the process, they also provide the theoretical justification of the zig-zag type distribution of the 31st output byte of RC4 (first discovered and presented by AlFardan et al. at USENIX 2013).

Inspec keywords: cryptography

Other keywords: random permutation; zigzag type distribution; state value anomalies; 16-byte key setting; RC4 stream cipher; key scheduling algorithm

Subjects: Cryptography; Cryptography theory

References

1. Isobe, T., Ohigashi, T., Watanabe, Y., et al.: ‘Full plaintext recovery attack on broadcast RC4’. FSE, 2013 (LNCS 8424), pp. 179–202.
2. Ohigashi, T., Isobe, T., Watanabe, Y., et al.: ‘How to Recover Any Byte of Plaintext on RC4’. SAC, 2013 (LNCS 8282), pp. 155–173.
3. AlFardan, N., Bernstein, D., Paterson, K., et al.: ‘On the security of RC4 in TLS’. USENIX, 2013, pp. 305–320. Available at http://www.isg.rhul.ac.uk/tls/.
4. Vanhoef, M., Piessens, F.: ‘All your biases belong to us: breaking RC4 in WPA-TKIP and TLS’. USENIX, 2015, pp. 97–112. Available at https://www.rc4nomore.com/vanhoef-usenix2015.pdf.
5. Bricout, R., Murphy, S., Paterson, K.G., et al.: ‘Analysing and exploiting the Mantin biases in RC4’. IACR Cryptology ePrint Archive, 2016.
6. Garman, C., Paterson, K.G., Merwe, T.V.d.: ‘Attacks only get better: password recovery attacks against RC4 in TLS’. USENIX, 2015, pp. 113–128.
7. Jha, S., Banik, S., Isobe, T., et al.: ‘Some proofs of joint distributions of keystream biases in RC4’. INDOCRYPT, 2016 (LNCS 10095), pp. 305–321.
8. Roos, A.: ‘A class of weak keys in the RC4 stream cipher’, Two posts in sci.crypt, message-id 43u1eh$1j3@hermes.is.co.za and 44ebge$llf@hermes.is.co.za, 1995. Available at http://marcel.wanda.ch/Archive/WeakKeys.
9. Paul, G., Maitra, S.: ‘Permutation after RC4 key scheduling reveals the secret key’. SAC, 2007 (LNCS 4876), pp. 360–377.
10. Sarkar, S., Venkateswarlu, A.: ‘Revisiting (nested) Roos bias in RC4 key scheduling algorithm’, Des. Codes Cryptogr., 2017, 82, (1–2), pp. 131–148.
11. Biham, E., Carmeli, Y.: ‘Efficient reconstruction of RC4 keys from internal states’. FSE, 2008 (LNCS 5086), pp. 270–288.
12. Akgün, M., Kavak, P., Demirci, H.: ‘New results on the key scheduling algorithm of RC4’. INDOCRYPT, 2008 (LNCS 5365), pp. 40–52.
13. Paul, G., Rathi, S., Maitra, S.: ‘On non-negligible bias of the first output byte of RC4 towards the first three bytes of the secret key’, Des. Codes Cryptogr., 2008, 49, (1–30), pp. 123–134.
14. Maitra, S., Paul, G.: ‘New form of permutation bias and secret key leakage in keystream bytes of RC4’. FSE, 2008 (LNCS 5086), pp. 253–269.
15. Mironov, I.: ‘(Not So) random shuffles of RC4’. CRYPTO, 2002 (LNCS 2442), pp. 304–319.
16. Mantin, I.: ‘Analysis of the stream cipher RC4’. Master's Thesis, The Weizmann Institute of Science, Israel, 2001.
17. Paul, G., Maitra, S., Srivastava, R.: ‘On non-randomness of the permutation after RC4 key scheduling’. AAECC, 2007 (LNCS 4851), pp. 100–109.
18. Paul, G., Maitra, S.: ‘RC4 stream cipher and its variants (book)’ (CRC Press, 2011).
19. Bernstein, D.: ‘Failures of secret-key cryptography’. Available at http://fse2013.spms.ntu.edu.sg/program.shtml.
20. Paterson, K.G.: ‘Personal communication’, 2016.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2016.0451