A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf
.
On Non-randomness of the Permutation After RC4 Key Scheduling
[chapter]
Applied Algebra, Algebraic Algorithms and Error-Correcting Codes
Here we study a weakness of the RC4 Key Scheduling Algorithm (KSA) that has already been noted by Mantin and Mironov. Consider the RC4 permutation S of N (usually 256) bytes and denote it by SN after the KSA. Under reasonable assumptions we present a simple proof that each permutation byte after the KSA is significantly biased (either positive or negative) towards many values in the range 0, . . . , N − 1. These biases are independent of the secret key and thus present an evidence that the
doi:10.1007/978-3-540-77224-8_14
dblp:conf/aaecc/PaulMS07
fatcat:6euensi3c5hu7kfevlqcsrgw3e