RC4 Stream Cipher with a Modified Random KSA

Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 298)


The RC4 stream cipher has two components: KSA and PRGA. Though this simple and fast cipher proved itself as robust enough and it is trusted by many organizations, though a number of researchers claimed that RC4 has some weakness and bias in its internal states. Some researchers pointed to the swap function of RC4 as a main reason of weakness, especially in the KSA. The authors replaced the KSA randomly with a robust PRBG, BBS, to fill-up the internal state array, which they named as the KSA-R, to eliminate the swap function from KSA. The original RC4 and the modified RC4 are tested with NIST Statistical Test Suite, and it has been found that RC4 with KSA-R is giving a better security.


Modified RC4 Random RC4 Random KSA Random S-Box Modified KSA 


  1. 1.
    Roos A (1995) A class of weak keys in the RC4 stream cipher. Post in sci crypt, message-id 43u1eh$1j3@hermes.is.co.za (1995), http://marcel.wanda.ch/Archive/WeakKeys
  2. 2.
    Paul S, Preneel B (2004) A new weakness in the RC4 keystream generator and an approach to improve the security of the cipher. In: FSE 2004, LNCS, vol 3017. Springer, Heidelberg, pp 245–259. http://www.iacr.org/archive/fse2004/30170244/30170244.pdf (Last accessed on: 22 July 2013)
  3. 3.
    Maitra S, Paul G (2008) Analysis of RC4 and proposal of additional layers for better security margin. In: Lecture notes in computer science, INDOCRYPT, 5365. Springer, Berlin, pp 40–52. http://eprint.iacr.org/2008/396.pdf (Last accessed on: 22 July 2013)
  4. 4.
    Akgün M, Kavak P, Demicri H (2008) New results on the key scheduling algorithm of RC4. In: Lecture notes in computer science, INDOCRYPT, 5365, pp 40–52. Springer. http://link.springer.com/content/pdf/10.1007/978-3-540-9754-5_4.pdf (Last accessed on: 22 July 2013)
  5. 5.
    Noman AA, Sidek RS, Ramli AD (2009) Hardware implementation of RC4A stream cipher. Int J Cryptology Res 1(2):225–223. http://www.mscr.org.my/V1(2)/PP%225-233.pdf (Last accessed on: 22 July 2013)Google Scholar
  6. 6.
    Tomašević V, Bojanić S (2004) Reducung the state space of RC4 stream cipher. In: Bubak M et al (eds) ICCS 2004, LNCS 3036, Springer, Berlin, pp 644–647 http://link.springer.com/chapter/10.1007%2F978-3-540-24685-5_110#page-1 (Last accessed on: 22 July 2013)
  7. 7.
    Nawaz Y, Gupta KC, Gong G (2013) A 32-bit RC4-like keystream generator, IACR Eprint archive, 2005. eprint.iacr.org/2005/175.pdf (Last accessed on: 22 July 2013)Google Scholar
  8. 8.
    Junod P (1999) Cryptographic secure pseudo-random bits generation: the Blum–Blum-Shub generator. http://www.cs.miami.edu/~burt/learning/Csc609.062/docs/bbs.pdf (Last accessed on: 22 July 2013)
  9. 9.
    Blum L, Blum M, Shub M (1983) Comparison of two pseudo-random number generators. In: Rivest RL, Sherman A, Chaum D (eds) In: Proceedings of CRYPTO 82. Plenum Press, New York, pp 61–78Google Scholar
  10. 10.
    National Institute of Standards & Technology (NIST) Technology Administration, U.S. Dept. of Commerce, A Statistical Test Suite for RNGs and PRNGs for Cryptographic Applications, April, 2010, http://csrc.nist.gov/publications/nistpubs800/22rec1SP800-22red1.pdf
  11. 11.
    Kim SJ, Umeno K, Hasegawa A (2004) Corrections of the NIST statistical test suite for randomness. Communications Research Lab., Inc. Admin. Agency, TokyoGoogle Scholar

Copyright information

© Springer India 2014

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringUniversity of CalcuttaKolkataIndia
  2. 2.Institute of Radio Physics and ElectronicsUniversity of CalcuttaKolkataIndia

Personalised recommendations