Skip to main content

Advertisement

Springer Nature Link
Log in
Menu
Find a journal Publish with us Track your research
Search
Saved research
Cart
  1. Home
  2. Selected Areas in Cryptography
  3. Conference paper

Discovery and Exploitation of New Biases in RC4

  • Conference paper
  • pp 74–91
  • Cite this conference paper
Save conference paper
View saved research
Image Selected Areas in Cryptography (SAC 2010)
Discovery and Exploitation of New Biases in RC4
  • Pouyan Sepehrdad19,
  • Serge Vaudenay19 &
  • Martin Vuagnoux19 

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6544))

Included in the following conference series:

  • International Workshop on Selected Areas in Cryptography
  • 2716 Accesses

  • 44 Citations

  • 3 Altmetric

Abstract

In this paper, we present several weaknesses in the stream cipher RC4. First, we present a technique to automatically reveal linear correlations in the PRGA of RC4. With this method, 48 new exploitable correlations have been discovered. Then we bind these new biases in the PRGA with known KSA weaknesses to provide practical key recovery attacks. Henceforth, we apply a similar technique on RC4 as a black box, i.e. the secret key words as input and the keystream words as output. Our objective is to exhaustively find linear correlations between these elements. Thanks to this technique, 9 new exploitable correlations have been revealed. Finally, we exploit these weaknesses on RC4 to some practical examples, such as the WEP protocol. We show that these correlations lead to a key recovery attack on WEP with only 9800 encrypted packets (less than 20 seconds), instead of 24200 for the best previous attack.

Download to read the full chapter text

Chapter PDF

Similar content being viewed by others

Image

New Iterated RC4 Key Correlations

Chapter © 2018
Image

RC4D: A New Development of RC4 Encryption Algorithm

Chapter © 2021
Image

An approach of refining RC4 with performance analysis on new variants

Article 22 October 2019

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.
  • Computer Crime
  • Computer Science
  • Cryptology
  • Cybercrime
  • Reverse engineering
  • Security Science and Technology
  • Lightweight Cryptographic Algorithms for Secure IoT Systems

References

  1. Biham, E., Carmeli, Y.: Efficient Reconstruction of RC4 Keys from Internal States. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 270–288. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  2. Bittau, A.: Additional Weak IV Classes for the FMS Attack (2003), http://www.cs.ucl.ac.uk/staff/a.bittau/sorwep.txt

  3. Chaabouni, R.: Breaking WEP Faster with Statistical Analysis. Ecole Polytechnique Fédérale de Lausanne, LASEC, Semester Project (2006)

    Google Scholar 

  4. Devine, C., Otreppe, T.: Aircrack, http://www.aircrack-ng.org/

  5. Fluhrer, S.R., Mantin, I., Shamir, A.: Weaknesses in the Key Scheduling Algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  6. Fluhrer, S.R., McGrew, D.A.: Statistical Analysis of the Alleged RC4 Keystream Generator. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 19–30. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  7. Golic, J.D.: Linear statistical weakness of alleged RC4 keystream generator. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 226–238. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  8. Golic, J.D.: Iterative Probabilistic Cryptanalysis of RC4 Keystream Generator. In: Dawson, E., Clark, A., Boyd, C. (eds.) ACISP 2000. LNCS, vol. 1841, pp. 220–233. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  9. Hulton, D.: Practical Exploitation of RC4 Weaknesses in WEP Environments (2001), http://www.dachb0den.com/projects/bsd-airtools/wepexp.txt

  10. IEEE. ANSI/IEEE standard 802.11i: Amendment 6 Wireless LAN Medium Access Control (MAC) and Physical Layer (phy) Specifications, Draft 3 (2003)

    Google Scholar 

  11. Jenkins, R.: ISAAC and RC4, http://burtleburtle.net/bob/rand/isaac.html

  12. Klein, A.: Attacks on the RC4 Stream Cipher. Personal Andreas Klein website (2006), http://cage.ugent.be/~klein/RC4/RC4-en.ps

  13. Klein, A.: Attacks on the RC4 Stream Cipher. Des. Codes Cryptography 48(3), 269–286 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  14. Knudsen, L.R., Meier, W., Preneel, B., Rijmen, V., Verdoolaege, S.: Analysis Methods for (Alleged) RC4. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 327–341. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  15. KoreK. Need Security Pointers (2004), http://www.netstumbler.org/showthread.php?postid=89036#post89036

  16. KoreK. Next Generation of WEP Attacks? (2004), http://www.netstumbler.org/showpost.php?p=93942&postcount=35

  17. Maitra, S., Paul, G.: New Form of Permutation Bias and Secret Key Leakage in Keystream Bytes of RC4. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 253–269. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  18. Mantin, I.: Analysis of the Stream Cipher RC4, http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html

  19. Mantin, I.: Predicting and Distinguishing Attacks on RC4 Keystream Generator. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 491–506. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  20. Mantin, I., Shamir, A.: A Practical Attack on Broadcast RC4. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 152–164. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  21. Maximov, A.: Two Linear Distinguishing Attacks on VMPC and RC4A and Weakness of RC4 Family of Stream Ciphers. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 342–358. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  22. Maximov, A., Khovratovich, D.: New State Recovery Attack on RC4. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 297–316. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  23. Mironov, I.: (Not So) Random Shuffles of RC4. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 304–319. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  24. Moen, V., Raddum, H., Hole, K.J.: Weaknesses in the Temporal Key Hash of WPA. Mobile Computing and Communications Review 8(2), 76–83 (2004)

    Article  Google Scholar 

  25. Paul, G., Maitra, S.: Permutation After RC4 Key Scheduling Reveals the Secret Key. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 360–377. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  26. Paul, G., Rathi, S., Maitra, S.: On Non-negligible Bias of the First Output Bytes of RC4 towards the First Three Bytes of the Secret Key. In: WCC 2007 - International Workshop on Coding and Cryptography, pp. 285–294 (2007)

    Google Scholar 

  27. Paul, S., Preneel, B.: A New Weakness in the RC4 Keystream Generator and an Approach to Improve the Security of the Cipher. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 245–259. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  28. Roos, A.: A Class of Weak Keys in RC4 Stream Cipher (sci.crypt) (1995), http://groups.google.com/group/sci.crypt.research/msg/078aa9249d76eacc?dmode=source

  29. Tews, E., Beck, M.: Practical attacks against WEP and WPA. In: Basin, D.A., Capkun, S., Lee, W. (eds.) WISEC, pp. 79–86. ACM, New York (2009)

    Chapter  Google Scholar 

  30. Tews, E., Weinmann, R.-P., Pyshkin, A.: Breaking 104 Bit WEP in Less Than 60 Seconds. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 188–202. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  31. Tomasevic, V., Bojanic, S., Nieto-Taladriz, O.: Finding an internal state of RC4 stream cipher. Finding an internal state of RC4 stream cipher 177(7), 1715–1727 (2007)

    MathSciNet  MATH  Google Scholar 

  32. Vaudenay, S., Vuagnoux, M.: Passive–Only Key Recovery Attacks on RC4. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 344–359. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  33. Vuagnoux, M.: Computer Aided Cryptanalysis from Ciphers to Side channels. PhD thesis, Ecole Polytechnique Fédérale de Lausanne — EPFL (2010)

    Google Scholar 

  34. Wagner, D.: Weak Keys in RC4 (sci.crypt) (1995), http://www.cs.berkeley.edu/~daw/my-posts/my-rc4-weak-keys

Download references

Author information

Authors and Affiliations

  1. EPFL, CH–1015, Lausanne, Switzerland

    Pouyan Sepehrdad, Serge Vaudenay & Martin Vuagnoux

Authors
  1. Pouyan Sepehrdad
    View author publications

    Search author on:PubMed Google Scholar

  2. Serge Vaudenay
    View author publications

    Search author on:PubMed Google Scholar

  3. Martin Vuagnoux
    View author publications

    Search author on:PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Luxembourg, Luxembourg

    Alex Biryukov

  2. Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario, Canada

    Guang Gong

  3. David R. Cheriton School of Computer Science, University of Waterloo, N2L 3G1, Waterloo, ON, Canada

    Douglas R. Stinson

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sepehrdad, P., Vaudenay, S., Vuagnoux, M. (2011). Discovery and Exploitation of New Biases in RC4. In: Biryukov, A., Gong, G., Stinson, D.R. (eds) Selected Areas in Cryptography. SAC 2010. Lecture Notes in Computer Science, vol 6544. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19574-7_5

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-19574-7_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-19573-0

  • Online ISBN: 978-3-642-19574-7

  • eBook Packages: Computer ScienceComputer Science (R0)Springer Nature Proceedings Computer Science

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Keywords

  • Discrete Fourier Transform
  • Exhaustive Search
  • Success Probability
  • Initialization Vector
  • Stream Cipher

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Publish with us

Policies and ethics

Search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Footer Navigation

Discover content

  • Journals A-Z
  • Books A-Z
  • Subjects A-Z

Publish with us

  • Journal finder
  • Publish your research
  • Language editing
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our brands

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Discover

Corporate Navigation

  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Legal notice
  • Cancel contracts here

104.23.197.230

Not affiliated

Springer Nature

© 2026 Springer Nature