A complete characterization of the evolution of RC4 pseudo random generation algorithm


Bibliographic Details
Main Authors: Basu Riddhipratim, Ganguly Shirshendu, Maitra Subhamoy, Paul Goutam
Format: Article
Language: English
Published: De Gruyter 2008-10-01
Series: Journal of Mathematical Cryptology
Online Access: https://doi.org/10.1515/JMC.2008.012
Description
Summary: In this paper, we provide a complete characterization of the RC4 Pseudo Random Generation Algorithm (PRGA) for one step: i = i + 1; j = j + S[i]; swap(S[i], S[j]); z = S[S[i] + S[j]]. This is the first time such an involved description is presented to get a concise view of how RC4 PRGA evolves. Considering all the permutations (we also keep in mind the Finney states), we find that the distribution of z is not uniform given i, j. A corollary of this result shows that information about j is always leaked from z. Next, studying two consecutive steps of RC4 PRGA, we prove that the index j is not produced uniformly at random given the value of j two steps ago. We also provide additional evidence of z leaking information on j. Further, we present a novel distinguisher for RC4 which shows that under certain conditions the equality of two consecutive bytes is more probable than by random association. Our analysis holds regardless of the amount of initial keystream bytes thrown away during the RC4 PRGA.
ISSN: 1862-2976, 1862-2984