Analysis of RC4 and Proposal of Additional Layers for Better Security Margin

Maitra, Subhamoy; Paul, Goutam

doi:10.1007/978-3-540-89754-5_3

Cited by 59 publications

(46 citation statements)

References 27 publications

(54 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We also propose a differential fault attack using a new state reconstruction strategy that recovers the internal state of the cipher using considerably less number of faults and computational time than required in the attack of . In addition, we also analyze the security of the cipher if odd pads are used as the design parameter other than the pad 0xAA used in the original cipher proposed in . We show that the cipher is still vulnerable to distinguishing attacks if the pads are changed into an 8‐bit constant odd value.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Some security results of the RC4+ stream cipher

Banik

2015

Security Comm Networks

View full text Add to dashboard Cite

Abstract-RC4+ stream cipher was proposed by Maitra et. al. at Indocrypt 2008. It was claimed by the authors that this new stream cipher is designed to overcome all the weaknesses reported on the alleged RC4 stream cipher. In the design specifications of RC4+, the authors make use of an 8-bit design parameter called pad which is fixed to the value 0xAA. The first Distinguishing Attack on RC4+ based on the bias of its first output byte was shown by Banik et. al. in Indocrypt 2013. In this paper, it was also mentioned that the distinguishing attack would still hold if the pad used in RC4+ is fixed to any even 8-bit constant other than 0xAA. Therefore, the question that arises is whether the design of RC4+ can be protected by fixing the pad parameter to some constant odd value. In this paper, we try to answer this very question. We show that the design is still vulnerable by mounting a distinguishing attack even if the pad is fixed to some constant 8-bit odd value. Surprisingly we find that if the value of the pad is made equal to 0x03, the design provides maximum resistance to distinguishing attacks. Lastly we return to the original cipher i.e. in which pad is set to 0xAA and unearth another bias in the second output byte of the cipher, thereby showing that practical implementations of this cipher should discard the use of the first two output bytes for encryption.

show abstract

Section: Resultsmentioning

confidence: 99%

“…Nevertheless, all of the aforementioned stream ciphers have had some reports of distinguishing attacks against them. In , a new stream cipher named RC4+ was introduced. It is a modified version of RC4 with a complex three‐phase key schedule and a more complex output function.…”

Section: Introductionmentioning

confidence: 99%

Some security results of the RC4+ stream cipher

Banik

2015

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…In [59] authors have developed two attacks against RC4 (n, m) on the basis of nonrandomness of internal states. In [60] authors have studied theoretically the RC4 KSA. It is found that the expected number of times each value of the state permutation is moved by the indices i, j is not uniform and proposed a modified RC4 KSA+ and PRGA+ with three layers of scrambling.…”

Section: Enhancements In Rc4 Stream Ciphermentioning

confidence: 99%

A Survey on RC4 Stream Cipher

Jindal

Singh²

2015

IJCNIS

View full text Add to dashboard Cite

Abstract-RC4 is one of the most widely used stream cipher due to its simplicity, speed and efficiency. In this paper we have presented a chronological survey of RC4 stream cipher demonstrating its weaknesses followed by the various RC4 enhancements from the literature. From the recently observed cryptanalytic attempts on RC4 it is established that innovative research efforts are required to develop secure RC4 algorithm, which can remove the weaknesses of RC4, such as biased bytes, key collisions, and key recovery attacks specifically on WEP and WPA. These flaws in RC4 are offering open challenge for developers. Hence our chronological survey corroborates the fact that even though researchers are working on RC4 stream cipher since last two decades, it still offers a plethora of research issues related to statistical weaknesses in either state or keystream.

show abstract

“…Though Internet Engineering Task Force (IETF) is currently seeking replacement of RC4 in TLS protocol [6], it is interesting to note that the base RC4 algorithm is still cryptographically secure and can be safely used with proper precautions. In addition, there are more secure variants of RC4 in the literature such as RC4 + [7], Spritz [8] etc. The usability of the RC4-like cipher kernels is re-iterated in the recent proposal of Spritz [8] from the authors of the original RC4.…”

Section: Introductionmentioning

confidence: 99%