The probabilities of the state transitions of the initial value S 0 in the S table of RC4 are described by a kind of bistochastic matrices, and then a computational formula for such bistochastic matrices is given, by which the mathematical expectation of the number of fixed points in the key extending algorithm of RC4 is obtained. As a result, a statistical weakness of the key extending algorithm of RC4 is presented.
This is a preview of subscription content, log in to check access.
Buy single article
Instant access to the full article PDF.
Price includes VAT for USA
Fluhrer S R, McGrew D A. Statistical analysis of the alleged RC4 keystream generator. In: Fast Software Encryption, FSE’2000, Berlin-Heidelberg: Springer-Verlag, 2000, 19–30
Knudsen L R, Mcier W, Preneel B, Rijmen V, Verdoolaege S. Analysis methods for (alleged) RC4. In: Kazuo Ohta, Pei D Y, eds. Advances in Cryptology ASIACTYPT’98, Proceedings of international Conference on the Theory and Application of Cryptology and information Security, Beijing, China, October 18–22, 1998
Fluhrer S R, Mantin I, Shamir A. Attacks on RC4 and WEP. Cryptobytes, 5(2): 26–34 (2002)
Liu B L. Theory of Combinatorial Matrices. Beijing: Science Press, 1998
Fluhrer S R, Mantin I, Shamir A. Weaknesses in the key scheduling algorithm of RC4, In: Selected Areas in Cryptography, Berlin-Heidelberg: Springer-Verlag, 2001, 1–24
Mantin I, Shamir A. A practical attack on broadcast RC4. In: Fast Software Encryption, FSE’2001, Berlin: Springer, 2001, 152–164
This work was supported by the National Natural Science Foundation of China (Grant No. 10371061)
About this article
Cite this article
Xu, K., He, L., Dai, Z. et al. The analysis of the number of fixed points in the key extending algorithm of RC4. Sci. China Ser. A-Math. 51, 407–415 (2008). https://doi.org/10.1007/s11425-007-0186-1
- bistochastic matrix
- fixed point
- key extending algorithm
- state transition
- probability matrix