Cryptology ePrint Archive: Report 2002/171

Statistical weaknesses in the alleged RC4 keystream generator

Marina Pudovkina

Abstract: A large number of stream cipher were proposed and implemented over the last twenty years. In 1987 Rivest designed the RC4 stream cipher, which was based on a different and more software friendly paradigm. It was integrated into Microsoft Windows, Lotus Notes, Apple AOCE, Oracle Secure SQL, and many other applications, and has thus become the most widely used a software-based stream cipher. In this paper we describe some properties of an output sequence of RC4. It is proved that the distribution of first, second output values of RC4 and digraphs are not uniform, which makes RC4 trivial to distinguish between short outputs of RC4 and random strings by analyzing their first, or second output values of RC4 or digraphs.

Category / Keywords: secret-key cryptography /

Publication Info: 4 International Workshop on Computer Science and Information Technologies, CSIT’2002, 2002.

Date: received 11 Nov 2002

Contact author: maricap at online ru

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20021112:080956 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]