Abstract
The RC4 Key Scheduling Algorithm (KSA) uses a secret pseudo-random index j that depends on the secret key. Let \(S_N\) be the permutation after the complete KSA of RC4. It is known that the value of j in round y + 1 can be predicted with high probability from \(S_N[y]\) for the initial values of y and from \(S^{-1}_N[y]\) for the final values of y. This fact has been exploited in several recent works on secret key recovery from \(S_N\). In this paper, we perform an extensive analysis of some special sequences of indices corresponding to the j values that leak useful information for key recovery. We present new theoretical results on the probability and the number of such sequences. As an application, we describe a new secret key recovery algorithm that recovers a 16-byte secret key with a success probability of 0.1409. Our strategy has high time complexity at this point and requires further improvement to be feasible in practice.
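To make the leakage the abstract refers to concrete, the following added example (my own code, not the paper's) runs the RC4 KSA, records the j value of every round, and estimates over random 16-byte keys how often \(S_N[y]\) and \(S^{-1}_N[y]\) equal \(j_{y+1}\); the key length, sample size and RNG seed are my choices.

```python
import random

N = 256  # RC4 permutation size


def ksa_with_j_trace(key):
    """Run the RC4 KSA on `key` (a list of byte values).

    Returns (S_N, js) where S_N is the final permutation and js[y] is the
    value of the secret index j used in round y+1, i.e. j_{y+1}.
    """
    S = list(range(N))
    j = 0
    js = []
    for y in range(N):
        j = (j + S[y] + key[y % len(key)]) % N
        js.append(j)
        S[y], S[j] = S[j], S[y]  # swap S[y] and S[j_{y+1}]
    return S, js


def leakage_rates(num_keys, key_len=16, seed=1):
    """Estimate, over random `key_len`-byte keys, for every index y:
      fwd[y] = P[ S_N[y]      == j_{y+1} ]
      inv[y] = P[ S_N^{-1}[y] == j_{y+1} ]
    Keys come from a seeded RNG so the run is reproducible (constructed data).
    """
    rng = random.Random(seed)
    fwd = [0] * N
    inv = [0] * N
    for _ in range(num_keys):
        key = [rng.randrange(N) for _ in range(key_len)]
        S, js = ksa_with_j_trace(key)
        S_inv = [0] * N
        for pos, val in enumerate(S):
            S_inv[val] = pos  # S_N^{-1}[val] is the position holding val
        for y in range(N):
            fwd[y] += int(S[y] == js[y])
            inv[y] += int(S_inv[y] == js[y])
    return [c / num_keys for c in fwd], [c / num_keys for c in inv]


if __name__ == "__main__":
    fwd, inv = leakage_rates(3000)
    # For y = 0 the forward rate is about (1 - 1/N)^(N-1), roughly 0.37,
    # and the inverse rate is about the same at y = N-1; at the opposite
    # ends both drop to near the 1/N ~ 0.004 baseline of a random guess.
    for y in (0, 1, 2, 127, 253, 254, 255):
        print(f"y={y:3d}  P[S_N[y]=j]={fwd[y]:.3f}  P[S_N^-1[y]=j]={inv[y]:.3f}")
```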
References
Akgün, M., Kavak, P., Demirci, H.: New Results on the Key Scheduling Algorithm of RC4. In: INDOCRYPT 2008. LNCS, vol. 5365, pp. 40–52. Springer, Heidelberg (2008)
Biham, E., Carmeli, Y.: Efficient Reconstruction of RC4 Keys from Internal States. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 270–288. Springer, Heidelberg (2008)
Khazaei, S., Meier, W.: On Reconstruction of RC4 Keys from Internal States. In: Calmet, J., Geiselmann, W., Müller-Quade, J. (eds.) Mathematical Methods in Computer Science (MMICS). LNCS, vol. 5393, pp. 179–189. Springer, Heidelberg (2008)
Knudsen, L.R., Meier, W., Preneel, B., Rijmen, V., Verdoolaege, S.: Analysis Methods for (Alleged) RC4. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 327–341. Springer, Heidelberg (1998)
LAN/MAN Standard Committee. Wireless LAN medium access control (MAC) and physical layer (PHY) specifications, 1999 edition. IEEE standard 802.11 (1999)
Maitra, S., Paul, G.: New Form of Permutation Bias and Secret Key Leakage in Keystream Bytes of RC4. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 253–269. Springer, Heidelberg (2008); A revised and extended version with the same title is available at the IACR Eprint Server, eprint.iacr.org, number 2007/261 (January 9, 2009)
Mantin, I.: Analysis of the stream cipher RC4. Master’s Thesis, The Weizmann Institute of Science, Israel (2001)
Maximov, A., Khovratovich, D.: New State Recovering Attack on RC4. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 297–316. Springer, Heidelberg (2008)
McKague, M.E.: Design and Analysis of RC4-like Stream Ciphers. Master’s Thesis, University of Waterloo, Canada (2005)
Paul, G., Maitra, S.: Permutation after RC4 Key Scheduling Reveals the Secret Key. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 360–377. Springer, Heidelberg (2007)
Paul, G., Maitra, S.: RC4 State Information at Any Stage Reveals the Secret Key. IACR Eprint Server, eprint.iacr.org, number 2007/2008 (January 9, 2009); This is an extended version of [10]
Roos, A.: A class of weak keys in the RC4 stream cipher. Two posts in sci.crypt, message-id 43u1eh$1j3@hermes.is.co.za and 44ebge$llf@hermes.is.co.za (1995)
Tews, E.: Attacks on the WEP protocol. IACR Eprint Server, eprint.iacr.org, number 2007/471, December 15 (2007)
Tomasevic, V., Bojanic, S., Nieto-Taladriz, O.: Finding an internal state of RC4 stream cipher. Information Sciences 177, 1715–1727 (2007)
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Basu, R., Maitra, S., Paul, G., Talukdar, T. (2009). On Some Sequences of the Secret Pseudo-random Index j in RC4 Key Scheduling. In: Bras-Amorós, M., Høholdt, T. (eds) Applied Algebra, Algebraic Algorithms and Error-Correcting Codes. AAECC 2009. Lecture Notes in Computer Science, vol 5527. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02181-7_15
DOI: https://doi.org/10.1007/978-3-642-02181-7_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02180-0
Online ISBN: 978-3-642-02181-7