Paper 2014/985

Statistical weakness in Spritz against VMPC-R: in search for the RC4 replacement

Bartosz Zoltak

Abstract

We found a statistical weakness in the Spritz algorithm designed by Ronald L. Rivest and Jacob C. N. Schuldt. For N=8: Prob(output(x)=output(x+2)) = 1/N + 0.000498. The bias becomes statistically significant (for N=8) after observing about 2^21.9 outputs. Analogous bias occurs for N=16. We propose an algorithm (VMPC-R) which for N=8 produced 2^46.8 (31 million times more) outputs which remained undistinguishable from random in the same battery of tests. Supported by a series of additional statistical tests and security analyses we present VMPC-R as an algorithm we hope can be considered a worthwhile replacement for RC4.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. Minor revision.
Keywords
PRNGCSPRNGSpritzRC4VMPC-Rstream cipherdistinguishing attack
Contact author(s)
bzoltak @ vmpcfunction com
History
2014-12-10: received
Short URL
https://ia.cr/2014/985
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/985,
      author = {Bartosz Zoltak},
      title = {Statistical weakness in Spritz against VMPC-R: in search for the RC4 replacement},
      howpublished = {Cryptology ePrint Archive, Paper 2014/985},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/985}},
      url = {https://eprint.iacr.org/2014/985}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.