Generalized Classes of Weak Keys on RC4 Using Predictive State

Ryoichi TERAMURA  Toshihiro OHIGASHI  Hidenori KUWAKADO  Masakatu MORII  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E94-A    No.1    pp.10-18
Publication Date: 2011/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E94.A.10
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Symmetric Cryptography
cryptanalysis,  stream cipher,  RC4,  weak key,  predictive state,  

Full Text: PDF(630.7KB)>>
Buy this Article

Conventional class of weak keys on RC4 stream cipher is defined as a specific case that combinations of the first three bytes of secret key satisfy two relational equations. This paper expands and generalizes the classes of weak keys using generalized relational equations and special classes of the internal state (called predictive state). We derive the probability that generalized classes of weak keys leak the information of bytes of the secret key. Furthermore, we enumerate the generalized classes of weak keys and show that most of them leak more information of the secret key than Roos' one.