Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Designs, Codes and Cryptography
Published in: Designs, Codes and Cryptography 1-2/2017

14-05-2016

Revisiting (nested) Roos bias in RC4 key scheduling algorithm

Authors: Santanu Sarkar, Ayineedi Venkateswarlu

Published in: Designs, Codes and Cryptography | Issue 1-2/2017

Login to get access

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

RC4 is one of the most popular stream cipher with wide industrial applications, it has received serious attention in cryptology literature in the last 2 decades. In 1995, Roos pointed out that the elements \(S_N[y]\) of the permutation \(S_N\) after the key scheduling algorithm for the first few values of y are biased to certain combinations of secret key bytes. These correlations were theoretically studied by Paul and Maitra (SAC, 2007). The formula for the correlation probabilities provided by them gives a wrong impression that the probabilities decrease as the value of y becomes larger, which is not true. In this paper, we point out some gaps in their analysis and present a detailed analysis of Roos bias. We provide a more accurate formula for the correlation probabilities. We further study nested Roos type biases and present comparison results. These types of biases are used to reconstruct key from the permutation \(S_N\) for better success probability.
previous article Improving impossible-differential attacks against Rijndael-160 and Rijndael-224
next article On some permutation binomials and trinomials over
Literature
1.
2.
Biham E., Carmeli Y.: Efficient reconstruction of RC4 keys from internal states. In: FSE 2008. LNCS, vol. 5086, pp. 270–288 (2008).
3.
Isobe T., Ohigashi T., Watanabe Y., Morii M.: Full plaintext recovery attack on broadcast RC4. In: FSE 2013. LNCS, vol. 8424, pp. 179–202 (2013).
4.
Klein A.: Attacks on the RC4 stream cipher. Des. Codes Cryptogr. 48(3), 269–286 (2008)
5.
Maitra S., Paul G.: New form of permutation bias and secret key leakage in keystream bytes of RC4. In: FSE 2008. LNCS, vol. 5086, pp. 253–269 (2008).
6.
Maitra S., Paul G., Sen Gupta S.: Attack on broadcast RC4 Revisited. In: FSE 2011. LNCS, vol. 6733, pp. 199–217 (2011).
7.
Mantin I.: Analysis of the stream cipher RC4. Masters Thesis, The Weizmann Institute of Science, Israel (2001).
8.
Mantin I., Shamir A.: A practical attack on broadcast RC4. In: FSE 2001. LNCS, vol. 2355, pp. 152–164 (2002).
9.
Maitra S., Paul G., Sarkar S., Lehmann M., Meier W.: New results on generalization of Roos-type biases and related keystreams of RC4. In: Africacrypt 2008. LNCS, vol. 7918, pp. 222–239 (2002)
10.
McKague M.E.: Design and analysis of RC4-like stream ciphers. Master’s Thesis, University of Waterloo, Canda (2005).
11.
Patel J.K., Read C.B.: Handbook of the Normal Distribution. CRC Press, Boca Raton (1996).
12.
Paul G., Maitra S.: Permutation after RC4 key scheduling reveals the secret key. In: SAC. LNCS, vol. 4876, pp. 360–377 (2007).
13.
Paul G., Rathi S., Maitra S.: On non-negligible bias of the first output byte of RC4 towards the first three bytes of the secret key. Des. Codes Cryptogr. 49(1–3), 123–134 (2008).
14.
Paterson K.G., Poettering B., Schuldt J.C.N.: Plaintext recovery attacks against WPA/TKIP. In: FSE. LNCS, vol. 8540, pp. 325–349 (2014).
15.
Paterson K.G., Poettering B., Schuldt J. C.N.: Big bias hunting in amazonia: large-scale computation and exploitation of RC4 biases (Invited Paper). In: ASIACRYPT 2014. LNCS, vol. 8873, pp. 398–419 (2014).
16.
Roos A.: A class of weak keys in the RC4 stream cipher. Two posts in sci.crypt, message-id 43u1eh$1j3@hermes.is.co.za, 44ebge$llf@hermes.is.co.za, (1995).
17.
18.
Sepehrdad P., Vaudenay S., Vuagnoux M.: Statistical attack on RC4—Distinguishing WPA. In: EUROCRYPT. LNCS, vol. 6632, pp. 343–363 (2011).
19.
IEEE 802.11. Wireless LAN medium access control (MAC) and physical layer (PHY) specification (1997).
20.
IEEE 802.11i. Wireless LAN medium access control (MAC) and physical layer (PHY) specification: amendment 6: medium access control (MAC) security enhancements (2004).
Metadata
Title
Revisiting (nested) Roos bias in RC4 key scheduling algorithm
Authors
Santanu Sarkar
Ayineedi Venkateswarlu
Publication date
14-05-2016
Publisher
Springer US
Published in
Designs, Codes and Cryptography / Issue 1-2/2017
Print ISSN: 0925-1022
Electronic ISSN: 1573-7586
DOI
https://doi.org/10.1007/s10623-016-0219-2

Other articles of this Issue 1-2/2017

Designs, Codes and Cryptography 1-2/2017 Go to the issue

OriginalPaper

Improving the security and efficiency of block ciphers based on LS-designs

OriginalPaper

Hasse–Weil bound for additive cyclic codes

OriginalPaper

On some permutation binomials and trinomials over

OriginalPaper

Antiderivative functions over

OriginalPaper

Improving algebraic attacks on stream ciphers based on linear feedback shift register over

EditorialNotes

Editorial: Special issue on coding and cryptography

Premium Partner

    Image Credits