In a key scheduling algorithm (KSA) of stream ciphers, a secret key is expanded into a large initial state. An internal state reconstruction method is known as a general attack against stream ciphers; it recovers the initial state from a given pair of plaintext and ciphertext more efficiently than exhaustive key search. If the method succeeds, then it is desirable that the inverse of KSA is infeasible in order to avoid the leakage of the secret key information. This paper shows that it is easy to compute a secret key from an initial state of RC4. We propose a method to recover an
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Toshihiro OHIGASHI, Yoshiaki SHIRAISHI, Masakatu MORII, "New Weakness in the Key-Scheduling Algorithm of RC4" in IEICE TRANSACTIONS on Fundamentals,
vol. E91-A, no. 1, pp. 3-11, January 2008, doi: 10.1093/ietfec/e91-a.1.3.
Abstract: In a key scheduling algorithm (KSA) of stream ciphers, a secret key is expanded into a large initial state. An internal state reconstruction method is known as a general attack against stream ciphers; it recovers the initial state from a given pair of plaintext and ciphertext more efficiently than exhaustive key search. If the method succeeds, then it is desirable that the inverse of KSA is infeasible in order to avoid the leakage of the secret key information. This paper shows that it is easy to compute a secret key from an initial state of RC4. We propose a method to recover an
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e91-a.1.3/_p
Copy
@ARTICLE{e91-a_1_3,
author={Toshihiro OHIGASHI, Yoshiaki SHIRAISHI, Masakatu MORII, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={New Weakness in the Key-Scheduling Algorithm of RC4},
year={2008},
volume={E91-A},
number={1},
pages={3-11},
abstract={In a key scheduling algorithm (KSA) of stream ciphers, a secret key is expanded into a large initial state. An internal state reconstruction method is known as a general attack against stream ciphers; it recovers the initial state from a given pair of plaintext and ciphertext more efficiently than exhaustive key search. If the method succeeds, then it is desirable that the inverse of KSA is infeasible in order to avoid the leakage of the secret key information. This paper shows that it is easy to compute a secret key from an initial state of RC4. We propose a method to recover an
keywords={},
doi={10.1093/ietfec/e91-a.1.3},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - New Weakness in the Key-Scheduling Algorithm of RC4
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 3
EP - 11
AU - Toshihiro OHIGASHI
AU - Yoshiaki SHIRAISHI
AU - Masakatu MORII
PY - 2008
DO - 10.1093/ietfec/e91-a.1.3
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E91-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2008
AB - In a key scheduling algorithm (KSA) of stream ciphers, a secret key is expanded into a large initial state. An internal state reconstruction method is known as a general attack against stream ciphers; it recovers the initial state from a given pair of plaintext and ciphertext more efficiently than exhaustive key search. If the method succeeds, then it is desirable that the inverse of KSA is infeasible in order to avoid the leakage of the secret key information. This paper shows that it is easy to compute a secret key from an initial state of RC4. We propose a method to recover an
ER -