A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is
Selected Areas in Cryptography
A theoretical analysis of the RC4 Key Scheduling Algorithm (KSA) is presented in this paper, where the nonlinear operation is swapping among the permutation bytes. Explicit formulae are provided for the probabilities with which the permutation bytes after the KSA are biased to the secret key. Theoretical proofs of these formulae have been left open since Roos's work (1995). Based on this analysis, an algorithm is devised to recover the l bytes (i.e., 8l bits, typically 5 ≤ l ≤ 16) secret keydoi:10.1007/978-3-540-77360-3_23 dblp:conf/sacrypt/PaulM07 fatcat:ykcdepo7nrhwrkwetyhehqblou