1999
DOI: 10.1007/3-540-48892-8_11
|View full text |Cite
|
Sign up to set email alerts
|

Cryptanalysis of RC4-like Ciphers

Abstract: Abstract. RC4, a stream cipher designed by Rivest for RSA Data Security Inc., has found several commercial applications, but little public analysis has been done to date. In this paper, alleged RC4 (hereafter called RC4) is described and existing analysis outlined. The properties of RC4, and in particular its cycle structure, are discussed. Several variants of a basic "tracking" attack are described, and we provide experimental results on their success for scaled-down versions of RC4. This analysis shows that,… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
33
0
1

Year Published

2001
2001
2015
2015

Publication Types

Select...
6
2

Relationship

0
8

Authors

Journals

citations
Cited by 57 publications
(34 citation statements)
references
References 4 publications
0
33
0
1
Order By: Relevance
“…Since the state transition in RC4 is invertible and the initial state (i = j = 0) is not of this type, RC4 can never enter these states for any key. Additional properties of the state transition graph of RC4 were analyzed by Mister and Tavares in [MT98].…”
Section: Previous Attacks On Rc4mentioning
confidence: 99%
See 1 more Smart Citation
“…Since the state transition in RC4 is invertible and the initial state (i = j = 0) is not of this type, RC4 can never enter these states for any key. Additional properties of the state transition graph of RC4 were analyzed by Mister and Tavares in [MT98].…”
Section: Previous Attacks On Rc4mentioning
confidence: 99%
“…A branch and bound attack that is based on the "Guess on Demand" paradigm is analyzed in [MT98] and [KMP + 98]. The attack simulates the generation process, and keeps track of all the known values in S which had been deduced so far.…”
Section: Previous Attacks On Rc4mentioning
confidence: 99%
“…The first state recovery attack on RC4 was proposed Knudsen, Meier and Preneel [35] in 1998 where the attack complexity was found to be 2 779 for N=256. In the same year 1998, another state recovery attack was analyzed using some cycle -structures of RC4 [36] and observed that for N=32, state recovery can be done in 2 42 steps. A probabilistic approach was used for RC4 state recovery in [37], having attack complexity similar to the one obtained in [35] .…”
Section: E State Recoverymentioning
confidence: 99%
“…A weakness detected early was that the first byte of the pseudo random sequence is not very random (see [9] and [7]). The strongest know attack of this kind is due to S. Fluhrer, I. Mantin and A. Shamir [2].…”
Section: Weaknesses In the Key Scheduling Phasementioning
confidence: 99%