
Further non-randomness in RC4, RC4A and VMPC

Cryptography and Communications

Abstract

RC4 is one of the most popular stream ciphers; it generates pseudorandom words from a pseudorandom permutation. In this paper we identify new biases for RC4 and for its variants RC4A and VMPC, which are designed in the same paradigm. Naturally, these biases provide new distinguishers for the pseudorandom keystreams generated by these algorithms. In particular, our result provides the strongest known distinguisher against VMPC. Although RC4A is of little practical interest, a number of protocols use VMPC.



Author information


Correspondence to Santanu Sarkar.

Additional information

This is a thoroughly revised and extended version of the paper “Further Non-randomness in RC4, RC4A and VMPC” that was presented at WCC 2013, April 15–19, 2013, Bergen, Norway. There are no formal proceedings for WCC 2013. Section 4 of this paper is the additional contribution that did not appear in the workshop version.


Cite this article

Sarkar, S. Further non-randomness in RC4, RC4A and VMPC. Cryptogr. Commun. 7, 317–330 (2015). https://doi.org/10.1007/s12095-014-0119-0
