Abstract
In 1996, Jenkins pointed out a correlation between the hidden state and the output keystream of RC4, which is well known as the Glimpse theorem. For a permutation of N bytes, the probability of guessing one location by random association is 1/N, whereas the existing glimpse correlations allow an adversary who knows the keystream output bytes to guess a permutation location with probability 2/N. To date, this is the best known state leakage based on glimpse. For the first time in the RC4 literature, we show that there are certain events that leak state information with a probability of 3/N, considerably higher than the existing results. Further, the new glimpse correlation that we observe is a long-term phenomenon; it remains valid at any stage of the evolution of the RC4 Pseudo-Random Generation Algorithm (PRGA). This new glimpse, with its considerably higher probability of state leakage, may have serious ramifications for state-recovery attacks on RC4.
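An empirical check of the 2/N glimpse that the abstract attributes to Jenkins, added here as an example and not code from the paper. The two events S[j] = i - z and S[i] = j - z are the standard statement of Jenkins' correlation, which this page does not spell out; the key, the round count and the control event are constructed for the demonstration. The paper's 3/N events are not reproduced, because their conditions are not given on this page.

```python
N = 256  # RC4 state size in bytes

# Constructed 16-byte key; any key gives the same long-term behaviour.
KEY = bytes(range(1, 17))

def ksa(key):
    """RC4 key scheduling: return the initial permutation S."""
    S = list(range(N))
    j = 0
    for i in range(N):
        j = (j + S[i] + key[i % len(key)]) % N
        S[i], S[j] = S[j], S[i]
    return S

def glimpse_ratios(key, rounds):
    """Run the PRGA and return, per event, observed frequency divided by 1/N.

    A ratio near 1 means the event is no better than a random guess;
    a ratio near 2 is the 2/N glimpse leakage.
    """
    S = ksa(key)
    i = j = 0
    hits = {"S[j]=i-z": 0, "S[i]=j-z": 0, "control": 0}
    for _ in range(rounds):
        # One PRGA round: update indices, swap, emit keystream byte z.
        i = (i + 1) % N
        j = (j + S[i]) % N
        S[i], S[j] = S[j], S[i]
        z = S[(S[i] + S[j]) % N]
        # Jenkins' glimpse: z together with the public index i
        # reveals S[j] (and z with j reveals S[i]) more often than 1/N.
        if S[j] == (i - z) % N:
            hits["S[j]=i-z"] += 1
        if S[i] == (j - z) % N:
            hits["S[i]=j-z"] += 1
        # Constructed control: same guess shifted by N/2, expected near 1/N.
        if S[j] == (i - z + N // 2) % N:
            hits["control"] += 1
    return {name: count * N / rounds for name, count in hits.items()}

if __name__ == "__main__":
    for name, ratio in glimpse_ratios(KEY, 300_000).items():
        print(f"{name:10s} observed / (1/N) = {ratio:.2f}")
```

The ratios stay near 2 however many keystream bytes are discarded first, which is why keystream-dropping variants of RC4 do not remove this class of leakage.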
References
Akgün, M., Kavak, P., Demirci, H.: New Results on the Key Scheduling Algorithm of RC4. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 40–52. Springer, Heidelberg (2008)
Biham, E., Carmeli, Y.: Efficient Reconstruction of RC4 Keys from Internal States. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 270–288. Springer, Heidelberg (2008)
Golic, J.D., Morgari, G.: Iterative Probabilistic Reconstruction of RC4 Internal States. IACR Cryptology ePrint Archive, Report 2008/348 (2008), http://eprint.iacr.org/2008/348
Jenkins, R.J.: ISAAC and RC4 (1996), Published on the Internet at http://burtleburtle.net/bob/rand/isaac.html (last accessed on December 28, 2012)
Mantin, I.: Analysis of the stream cipher RC4. Master’s thesis, The Weizmann Institute of Science, Israel (2001), http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html
Mantin, I.: A Practical Attack on the Fixed RC4 in the WEP Mode. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 395–411. Springer, Heidelberg (2005)
Maximov, A., Khovratovich, D.: New State Recovery Attack on RC4. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 297–316. Springer, Heidelberg (2008)
Paul, G., Maitra, S.: Permutation After RC4 Key Scheduling Reveals the Secret Key. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 360–377. Springer, Heidelberg (2007)
Paul, G., Maitra, S.: RC4 Stream Cipher and Its Variants, 1st edn. CRC Press, Boca Raton (November 16, 2011)
Gupta, S.S., Maitra, S., Paul, G., Sarkar, S.: Proof of Empirical RC4 Biases and New Key Correlations. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 151–168. Springer, Heidelberg (2012)
Sen Gupta, S., Maitra, S., Paul, G., Sarkar, S.: (Non-)Random Sequences from (Non-) Random Permutations - Analysis of RC4 stream cipher. To appear in Journal of Cryptology. Springer (accepted November 3, 2012)
Sepehrdad, P., Vaudenay, S., Vuagnoux, M.: Discovery and exploitation of new biases in RC4. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 74–91. Springer, Heidelberg (2011)
Sepehrdad, P., Vaudenay, S., Vuagnoux, M.: Statistical Attack on RC4 - Distinguishing WPA. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 343–363. Springer, Heidelberg (2011)
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Maitra, S., Sen Gupta, S. (2013). New Long-Term Glimpse of RC4 Stream Cipher. In: Bagchi, A., Ray, I. (eds) Information Systems Security. ICISS 2013. Lecture Notes in Computer Science, vol 8303. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-45204-8_17
DOI: https://doi.org/10.1007/978-3-642-45204-8_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-45203-1
Online ISBN: 978-3-642-45204-8
eBook Packages: Computer Science, Computer Science (R0)