Generalized Analysis on Key Collisions of Stream Cipher RC4

概要

論文の詳細を見る
The fact that the stream cipher RC4 can generate colliding key pairs with hamming distance one was first discovered by Matsui in FSE 2010. This kind of weakness demonstrates that two different secret keys have the same effect on the ciphers encryption and the corresponding decryption procedure. In this paper, we further investigate the property of RC4 key collisions and achieved the following results:1. We show that RC4 can generate colliding key pairs with various hamming distances, which cannot be generated by Matsuis pattern. We also give concrete examples of colliding key pairs with hamming distances greater than one.2. We formalize RC4 colliding key pairs into two large patterns, namely, Transitional pattern and Self-Absorbing pattern. All the currently known colliding key pairs can be categorized into either two patterns.3. We analyze both patterns and clarified the relations among the probability of key collision, key length and hamming distances which yield the colliding key pairs.4. We demonstrate the vulnerability of key collisions by showing collisions of RC4-Hash function proposed in INDOCRYPT 2006. Some concrete experimental results of RC4-Hash collision are also given in this paper.