(Not So) Random Shuffles of RC4
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Practical Attack on Broadcast RC4
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Linear statistical weakness of alleged RC4 keystream generator
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
A practical attack on the fixed RC4 in the WEP mode
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Predicting and distinguishing attacks on RC4 keystream generator
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Analysis of RC4 and Proposal of Additional Layers for Better Security Margin
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
New Correlations of RC4 PRGA Using Nonzero-Bit Differences
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Statistical attack on RC4 distinguishing WPA
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Robust watermarking of compressed JPEG images in encrypted domain
Transactions on data hiding and multimedia security VI
A critique of some chaotic-map and cellular automata-based stream ciphers
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
Proof of empirical RC4 biases and new key correlations
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Proving empirical key-correlations in RC4
Information Processing Letters
Hi-index | 0.00 |
In this paper, we show that the first byte of the keystream output of RC4 has non-negligible bias towards the sum of the first three bytes of the secret key. This result is based on our observation that the index, where the first byte of the keystream output is chosen from, is approximately twice more likely to be 2 than any other value. Our technique is further used to theoretically prove Roos's experimental observation (A class of weak keys in the RC4 stream cipher, 1995) related to weak keys.