New Long-Term Glimpse of RC4 Stream Cipher

  • Conference paper
Information Systems Security (ICISS 2013)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 8303)

Abstract

In 1996, Jenkins pointed out a correlation between the hidden state and the output keystream of RC4, which is well known as the Glimpse theorem. With a permutation of N bytes, the probability of guessing one location by random association is 1/N, whereas the existing glimpse-related correlations allow an adversary who knows the keystream output bytes to guess a permutation location with probability 2/N. To date, this is the best known state leakage based on the glimpse. For the first time in the RC4 literature, we show that there are certain events that leak state information with a probability of 3/N, considerably higher than the existing results. Further, the new glimpse correlation that we observe is a long-term phenomenon; it remains valid at any stage of the evolution of the RC4 Pseudo Random Generation Algorithm (PRGA). This new glimpse, with its considerably higher probability of state leakage, may have serious ramifications for state-recovery attacks on RC4.
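The previously known 2/N leakage that the abstract takes as its baseline can be measured empirically. The sketch below is an added example, not code from the paper: it runs standard RC4 and counts how often the two relations of Jenkins' Glimpse theorem, S[j] = i - z and S[i] = j - z (mod N), hold after each PRGA round. The key, the function names and the shifted control guess are assumptions made for illustration; the paper's new 3/N events are not described on this page and are not reproduced.

```python
import random

N = 256  # RC4 permutation size in bytes


def sample_key(length=16, seed=1):
    """Constructed test key: fixed-seed pseudo-random bytes, not from the paper."""
    rng = random.Random(seed)
    return [rng.randrange(N) for _ in range(length)]


def ksa(key):
    """RC4 key scheduling: derive the initial permutation S from the key."""
    S = list(range(N))
    j = 0
    for i in range(N):
        j = (j + S[i] + key[i % len(key)]) % N
        S[i], S[j] = S[j], S[i]
    return S


def glimpse_rates(key, rounds):
    """Run the PRGA and return the hit rate of three guesses about the state.

    i and the output byte z are visible to an observer; j and S are hidden.
    """
    S = ksa(key)
    i = j = 0
    hit_j = hit_i = hit_control = 0
    for _ in range(rounds):
        i = (i + 1) % N
        j = (j + S[i]) % N
        S[i], S[j] = S[j], S[i]
        z = S[(S[i] + S[j]) % N]                  # keystream byte of this round
        hit_j += S[j] == (i - z) % N              # Jenkins: S[j] = i - z
        hit_i += S[i] == (j - z) % N              # Jenkins: S[i] = j - z
        hit_control += S[j] == (i - z + 7) % N    # arbitrary shifted guess (baseline)
    return hit_j / rounds, hit_i / rounds, hit_control / rounds


if __name__ == "__main__":
    rate_j, rate_i, rate_control = glimpse_rates(sample_key(), 300_000)
    print(f"1/N = {1 / N:.5f}   2/N = {2 / N:.5f}")
    print(f"P(S[j] = i - z)     = {rate_j:.5f}")
    print(f"P(S[i] = j - z)     = {rate_i:.5f}")
    print(f"P(shifted control)  = {rate_control:.5f}")
```

The doubling comes from the case S[i] + S[j] = i (respectively j), where the output byte is S[i] (respectively S[j]) itself and the relation holds with certainty; in every other case it holds only by chance.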

References

  1. Akgün, M., Kavak, P., Demirci, H.: New Results on the Key Scheduling Algorithm of RC4. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 40–52. Springer, Heidelberg (2008)

  2. Biham, E., Carmeli, Y.: Efficient Reconstruction of RC4 Keys from Internal States. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 270–288. Springer, Heidelberg (2008)

  3. Golic, J.D., Morgari, G.: Iterative Probabilistic Reconstruction of RC4 Internal States. IACR Cryptology ePrint Archive, Report 2008/348 (2008), http://eprint.iacr.org/2008/348

  4. Jenkins, R.J.: ISAAC and RC4 (1996), Published on the Internet at http://burtleburtle.net/bob/rand/isaac.html (last accessed on December 28, 2012)

  5. Mantin, I.: Analysis of the stream cipher RC4. Master’s thesis, The Weizmann Institute of Science, Israel (2001), http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html

  6. Mantin, I.: A Practical Attack on the Fixed RC4 in the WEP Mode. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 395–411. Springer, Heidelberg (2005)

  7. Maximov, A., Khovratovich, D.: New State Recovery Attack on RC4. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 297–316. Springer, Heidelberg (2008)

  8. Paul, G., Maitra, S.: Permutation After RC4 Key Scheduling Reveals the Secret Key. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 360–377. Springer, Heidelberg (2007)

  9. Paul, G., Maitra, S.: RC4 Stream Cipher and Its Variants, 1st edn. CRC Press, Boca Raton (November 16, 2011)

  10. Gupta, S.S., Maitra, S., Paul, G., Sarkar, S.: Proof of Empirical RC4 Biases and New Key Correlations. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 151–168. Springer, Heidelberg (2012)

  11. Sen Gupta, S., Maitra, S., Paul, G., Sarkar, S.: (Non-)Random Sequences from (Non-) Random Permutations - Analysis of RC4 stream cipher. To appear in Journal of Cryptology. Springer (accepted November 3, 2012)

  12. Sepehrdad, P., Vaudenay, S., Vuagnoux, M.: Discovery and exploitation of new biases in RC4. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 74–91. Springer, Heidelberg (2011)

  13. Sepehrdad, P., Vaudenay, S., Vuagnoux, M.: Statistical Attack on RC4 - Distinguishing WPA. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 343–363. Springer, Heidelberg (2011)

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Maitra, S., Sen Gupta, S. (2013). New Long-Term Glimpse of RC4 Stream Cipher. In: Bagchi, A., Ray, I. (eds) Information Systems Security. ICISS 2013. Lecture Notes in Computer Science, vol 8303. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-45204-8_17

  • DOI: https://doi.org/10.1007/978-3-642-45204-8_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-45203-1

  • Online ISBN: 978-3-642-45204-8

  • eBook Packages: Computer Science, Computer Science (R0)
