Comprehensive Analysis of Initial Keystream Biases of RC4
スポンサーリンク
概要
- 論文の詳細を見る
After the disclosure of the RC4 algorithm in 1994, a number of keystream biases of RC4 were reported, e.g., Mantin and Shamir showed that the second byte of the keystream is biased to 0, Sepehrdad et al. found that the l-th byte of the keystream is biased to -l, and Maitra et al. showed that 3rd to 255th bytes of the keystream are also biased to 0, where l is the keylength in byte. However, it is unknown that which bias is strongest in each byte of initial bytes. This paper comprehensively analyzes initial keystream biases of RC4. In particular, we introduce several new biases in the initial (1st to 257th) bytes of the RC4 keystream, which are substantially stronger than known biases. Combining the new biases with the known ones, a complete list of strongest single-byte biases in the first 257bytes of the RC4 keystream is constructed for the first time. Then, we show that our set of these biases are applicable to plaintext recovery attacks, key recovery attacks and distinguishing attacks.
著者
-
MORII Masakatu
Graduate School of Engineering, Kobe University
-
Morii Masakatu
Graduate School Of Engineering Kobe University
-
Isobe Takanori
Graduate School Of Science And Technology Kobe University
-
OHIGASHI Toshihiro
Information Media Center
-
WATANABE Yuhei
Graduate School of Engineering, Kobe University
-
ISOBE Takanori
Graduate School of Engineering, Kobe University
関連論文
- A Chosen-IV Key Recovery Attack on Py and Pypy
- A Chosen-IV Key Recovery Attack on Py and Pypy
- A-6-8 Improved Bitslice Network for Computing the TIB3 S-Box
- Fast WEP-Key Recovery Attack Using Only Encrypted IP Packets
- Reversible Watermark with Large Capacity Based on the Prediction Error Expansion
- Fingerprinting Protocol Based on Distributed Providers Using Oblivious Transfer(Cryptography,Information Theory and Its Applications)
- Reversible Watermark with Large Capacity Based on the Prediction Error
- Reversible Watermark with Large Capacity Using the Predictive Coding
- S-Box Bitslice Networks as Network Computing
- New Weakness in the Key-Scheduling Algorithm of RC4
- Internal-State Reconstruction of a Stream Cipher RC4(Information Security)(Information Theory and Its Applications)
- Compression Functions Suitable for the Multi-Property-Preserving Transform
- Systematic Generation of Tardos's Fingerprint Codes
- A Probabilistic Algorithm for Computing the Weight Distribution of LDPC Codes
- On the Condition for Detecting (t+μ)-error by Reed-Solomon Decoder Based on the Welch-Berlekamp Algorithm
- Generalized Classes of Weak Keys on RC4 Using Predictive State
- Irreducible m-Term Polynomial and Its Application to Multiplication over GF(2^m)
- Cryptanalysis for RC4 and Breaking WEP/WPA-TKIP
- Falsification Attacks against WPA-TKIP in a Realistic Environment
- On the Probabilistic Computation Method with Reliability for the Weight Distribution of LDPC Codes
- Comprehensive Analysis of Initial Keystream Biases of RC4
- Anonymous Authentication Scheme without Verification Table for Wireless Environments