2009 | OriginalPaper | Chapter
New Correlations of RC4 PRGA Using Nonzero-Bit Differences
Authors : Atsuko Miyaji, Masahiro Sukegawa
Published in: Information Security and Privacy
Publisher: Springer Berlin Heidelberg
RC4 is the stream cipher proposed by Rivest in 1987, which is widely used in a number of commercial products because of its simplicity and substantial security. RC4 exploits the shuffle-exchange paradigm, which uses a permutation $S$. Many attacks have been reported so far. No study, however, has focused on correlations in the Pseudo-Random Generation Algorithm (PRGA) between two permutations $S$ and $S'$ with some differences, even though such correlations are related to an inherent weakness of shuffle-exchange-type PRGA. In this paper, we investigate the correlations between $S$ and $S'$ with some differences in the initial round. We show that correlations between $S$ and $S'$ remain before $i$ reaches the position where the nonzero-bit difference exists in the initial round, and that the correlations remain with non-negligible probability even after $i$ has passed by that position. This means that the same correlations between $S$ and $S'$ will be observed after the 255-th round. This reveals an inherent weakness of shuffle-exchange-type PRGA.