EXPLORING WEAKNESSES OF RC4 IN DIFFERENT USAGE MODES

Abstract

Cryptography is an important building block used i n communication systems to provide confidentiality and authenticity. Stream ciphers, which encrypt data one bit or byte at a time have been used in applications sherec low delay and hiogh speed are essential requirements.RC4, a stream cipher designed by Rivest for Data Security Inc. has been used in several commercial applications. In this thesis RC4 is described and its various weaknesses have been exploited. It is shown that second binary derivative of the least significant bit of sequence is correlated to 1 with correlation coefficient close to 152 -3n. The result can be used to distinguish RC4 from other key-stream generators. Digraph probabilities gives another method of distinguishing RC4 from random sequence requiring lesser amount of output key-stream bits. 40-bit RC4 was recommended for WEP, the link-layer security protocol for 802.11 networks. An attack was proposed by Fluhrer, Shamir and Mantin based upon non-random be...