Modification of RC4 Algorithm by using Two State Tables and Initial State Factorial

Full Text (PDF, 2130KB), PP.1-8

Views: 0 Downloads: 0

Author(s)

Sura M. Searan 1,* Ali M. Sagheer 1

1. University of Anbar/ Department of Computer Science, Baghdad, 10012, Iraq

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2016.12.01

Received: 2 May 2016 / Revised: 22 Aug. 2016 / Accepted: 1 Oct. 2016 / Published: 8 Dec. 2016

Index Terms

RC4, KSA (Key Scheduling Algorithm), PRGA (Pseudo-Random Generation Algorithm), Single Bias, Double Bias

Abstract

RC4 algorithm is one of the most significant stream and symmetric cryptographic algorithms, it is simple and used in various commercial products, it has many weaknesses such as a bias in the key stream that some key bytes are biased toward some values. In this paper, a new algorithm is proposed by using initial state factorial to solve the correlation issue between public known outputs of the internal state by using an additional state table with the same length as that of the state to contain the factorial of initial state elements. The analysis of RC4 and developed RC4 algorithm is done based on their single bias and double byte bias and shows that many keystream output bytes of RC4 are produced key stream bytes that are biased to many linear combinations while developed RC4 key bytes have no single and double biases. The results show that the series that is generated by developed RC4 is more random than that generated by RC4 and the developed algorithm is faster than RC4 execution time and requires less time. Additionally, the developed algorithm is robust against many attacks such as distinguishing attack.

Cite This Paper

Sura M. Searan, Ali M. Sagheer, "Modification of RC4 Algorithm by using Two State Tables and Initial State Factorial", International Journal of Computer Network and Information Security(IJCNIS), Vol.8, No.12, pp.1-8, 2016. DOI:10.5815/ijcnis.2016.12.01

Reference

[1]I. Mantin and A. Shamir, “A Practical Attack on Broadcast RC4”. Springer, Lecture Notes in Computer Science. 2002, (2355), pp 152-164.
[2]M. M. Hammood, K. Yoshigoe, and A. M. Sagheer, “RC4-2S: RC4 Stream Cipher with Two State Tables”. Springer, Lecture Notes in Electrical Engineering, 2013, 1, pp 13-20.
[3]P. Sepehrdad, S. Vaudenay, and M. Vuagnoux, M. “Discovery and Exploitation of New Biases in RC4”, Springer, In Selected Areas in Cryptography, 2011, pp. 74-91.
[4]M. E. McKague, “Design and analysis of RC4-like stream ciphers”, MS.C. Thesis, University of Waterloo, Canada/ Ontario, 2005.
[5]P. Prasithsangaree, and P. Krishnamurthy, “Analysis of energy consumption of RC4 and AES algorithms in wireless LANs”, In Global Telecommunications Conference, 2003. GLOBECOM'03. IEEE, 2003, 3, pp 1445-1449.
[6]A. M. S. Rahma, A. M. Sagheer, and A. A. Salih, “Development of RC4 Stream Ciphers Using Boolean Functions”, Journal of Baghdad College of Economic Sciences University, 2012, 29.
[7]L. Stosic, and M. Bogdanovic, “RC4 stream cipher and possible attacks on WEP”, Editorial Preface, 2012, 3(3).
[8]S. Maitra, and G. Paul, “New Form of Permutation Bias and Secret Key Leakage in Keystream Bytes of RC4”, In Fast Software Encryption, Springer, 2008, pp. 253-269.
[9]S. Maitra, and G. Paul, “Analysis of RC4 and Proposal of Additional Layers for Better Security Margin”, Springer, Lecture Notes in Computer Science. 2008, pp 27-39.
[10]C. Garman, K. G. Paterson, and T. Van der Merwe, “Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS”, In Presented as Part of the 24th USENIX Security Symposium (USENIX Security 15), 2015.
[11]S. Paul, and B. Preneel, “Analysis of Non-Fortuitous Predictive States of the RC4 Keystream Generator”, Springer, Lecture Notes in Computer Science. 2003, pp 52-67.
[12]N. J. Al-Fardan, D. J. Bernstein, K. G. Paterson, B. Poettering, and J. C. Schuldt, “On the Security of RC4 in TLS and WPA”, In Presented as part of the 22nd USENIX Security Symposium. USENIX, 2013, 13, pp 305-320.
[13]M. M. Hammood, K. Yoshigoe, and A. M. Sagheer, “Enhancing Security and Speed of RC4”, International Journal of Computing and Network Technology, 2015, 3(2).
[14]L. L. Khine, “A New Variant of RC4 Stream Cipher”, Mandalay, Myanmar: World Academy of Science, Engineering and Technology, 2009.
[15]M. U. Bokhari, S. Alam, F. S. Masoodi, “Cryptanalysis Techniques for Stream Cipher: a survey”, International Journal of Computer Applications, 2012, 60(9), pp 29-33.
[16]K. K. H. Wong, G. Carter, and E. Dawson, “An analysis of the RC4 Family of Stream Ciphers Against Algebraic Attacks”, In Proceedings of the Eighth Australasian Conference on Information Security, 2010, 105, pp 67-74.
[17]M. A. Orumiehchiha, J. Pieprzyk, E. Shakour, and R. Steinfeld, “Cryptanalysis of RC4 (n, m) Stream Cipher”, In Proceedings of the 6th International Conference on Security of Information and Networks, 2013, pp 165-172.
[18]S. Mister, and S. Tavares, “Cryptanalysis of RC4-like Ciphers”, In Selected Areas in Cryptography, 1999, pp 632-632. Springer.
[19]M. M. Hammood, K. Yoshigoe, and A. M. Sagheer, “RC4 Stream Cipher with a Random Initial State”, Springer, Lecture Notes in Electrical Engineering, 2013, 1, pp 407-416.
[20]P. Jindal, and B. Singh, “A Survey on RC4 Stream Cipher”, International Journal Computer Network and Information Security, 2015, 7, pp 37-45.
[21]M. Robshaw, and O. Billet, “New Stream Cipher Designs: The eSTREAM Finalists”, Springer, Lecture Notes in Computer Science, 2008.
[22]P. Pardeep, and P. K. Pateriya, “PC 1-RC4 and PC 2-RC4 Algorithms: Pragmatic Enrichment Algorithms to Enhance RC4 Stream Cipher Algorithm”, International Journal of Computer Science and Network, 2012, 1(3).
[23]M. Omari, and H. S. Soliman, “Exponential Brute-Force Complexity of a Permutation Based Stream Cipher”, International Journal Computer Network and Information Security, 2013, 1, pp 1-13.
[24]V. K. Keerthi, and R. P. Arun, “Taxonomy of SSL/TLS Attacks”, International Journal Computer Network and Information Security, 2016, 2, pp 15-24.
[25]S. R. Fluhrer, and D. A. McGrew, “Statistical Analysis of the Alleged RC4 Keystream Generator”, Springer, Lecture notes in computer science, 2001, (1978), pp 19-30.
[26]M. M. Hammood, and K. Yoshigoe, “Previously Overlooked Bias Signatures for RC4”, International Symposium on Digital, Forensic Security, 2016, 101-106. doi:10.1109.