Abstract
In this paper, we discovered a new class of colliding key pairs of RC4, namely, two different secret keys generate the same internal state after RC4’s key scheduling algorithm. This is to our knowledge the first discovery of RC4 colliding keys with hamming distance greater than one, that is, the colliding key pairs we found can differ from each other at three different positions, and the value difference between these positions needs not be fixed. We analyzed the transition pattern and evaluated the probability of the existence of this new class of colliding key pairs. Our result shows that RC4 key collision could be achieved by two keys with greater hamming distance than the ones found in [1] and [2]. And this newly discovered class of colliding key pairs reveals the weakness that RC4’s key scheduling algorithm could generate even more colliding keys. We also proposed an algorithm for searching colliding key pairs within this new class. Some concrete colliding key pairs are demonstrated in this paper, among which 55-byte colliding key pair is the shortest one we found by using our algorithm within one hour time.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Grosul, A.L., Wallach, D.S.: A Related-Key Cryptanalysis of RC4. Technical Report TR-00-358, Department of Computer Science, Rice University (2000), http://cohesion.rice.edu/engineering/computerscience/tr/TRDownload.cfm?SDID=126
Matsui, M.: Key collisions of the RC4 stream cipher. In: Dunkelman, O., Preneel, B. (eds.) Fast Software Encryption. LNCS, vol. 5665, pp. 38–50. Springer, Heidelberg (2009)
Anonymous: RC4 Source Code. CypherPunks mailing list (September 9 (1994), http://cypherpunks.venona.com/date/1994/09/msg00304.html , http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
Roos, A.: A Class of Weak Keys in the RC4 Stream Cipher (1995), http://marcel.wanda.ch/Archive/WeakKeys
Mantin, I., Shamir, A.: A Practical Attack on Broadcast RC4. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 152–164. Springer, Heidelberg (2002)
Paul, S., Preneel, B.: A New Weakness in the RC4 Keystream Generator and an Approach to Improve Security of the Cipher. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 245–259. Springer, Heidelberg (2004)
Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the Key Scheduling Algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)
Klein, A.: Attacks on the RC4 Stream Cipher. Designs, Codes and Cryptography 48(3), 269–286 (2008)
Tews, E., Weinmann, R.P., Pyshkin, A.: Breaking 104 Bit WEP in Less than 60 Seconds. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 188–202. Springer, Heidelberg (2008)
Vaudenay, S., Vuagnoux, M.: Passive-Only Key Recovery Attacks on RC4. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 344–359. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, J., Miyaji, A. (2010). A New Class of RC4 Colliding Key Pairs with Greater Hamming Distance. In: Kwak, J., Deng, R.H., Won, Y., Wang, G. (eds) Information Security, Practice and Experience. ISPEC 2010. Lecture Notes in Computer Science, vol 6047. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12827-1_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-12827-1_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12826-4
Online ISBN: 978-3-642-12827-1
eBook Packages: Computer ScienceComputer Science (R0)