论文信息 - Distinguishing Attacks on RC4 and A New Improvement of the Cipher

Distinguishing Attacks on RC4 and A New Improvement of the Cipher

RC4, designed by Rivest in 1987, is the most widely deployed stream cipher in practical applications. In this paper, two new class of statistical biases inherent in RC4 are depicted and it is shown that the RC4 keystream is distinguishable from random no matter how many initial bytes have been dumped. RC4A, proposed by Paul and Preneel at FSE 2004 to strengthen the security of RC4, is also found to be vulnerable to similar attacks. Instead, a new pseudorandom bit generator RC4B is proposed, which is believed to provide better immunity against the known attacks.

[1] Goutam Paul,et al. New Form of Permutation Bias and Secret Key Leakage in Keystream Bytes of RC4 , 2008, FSE.

[2] Bart Preneel,et al. A New Weakness in the RC4 Keystream Generator and an Approach to Improve the Security of the Cipher , 2004, FSE.

[3] Adi Shamir,et al. A Practical Attack on Broadcast RC4 , 2001, FSE.

[4] Eli Biham,et al. Efficient Reconstruction of RC4 Keys from Internal States , 2008, FSE.

[5] Alexander Maximov,et al. New State Recovery Attack on RC4 , 2008, CRYPTO.

[6] Vincent Rijmen,et al. Analysis Methods for (Alleged) RC4 , 1998, ASIACRYPT.

[7] Andreas Klein,et al. Attacks on the RC4 stream cipher , 2008, Des. Codes Cryptogr..

[8] Serge Vaudenay,et al. Statistical Attack on RC4 - Distinguishing WPA , 2011, EUROCRYPT.