RC4-2S: RC4 Stream Cipher with Two State Tables

  • Maytham M. Hammood
  • Kenji Yoshigoe
  • Ali M. Sagheer
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 253)


One of the most important symmetric cryptographic algorithms is Rivest Cipher 4 (RC4) stream cipher which can be applied to many security applications in real time security. However, RC4 cipher shows some weaknesses including a correlation problem between the public known outputs of the internal state. We propose RC4 stream cipher with two state tables (RC4-2S) as an enhancement to RC4. RC4-2S stream cipher system solves the correlation problem between the public known outputs of the internal state using permutation between state 1 (S 1 ) and state 2 (S 2 ). Furthermore, key generation time of the RC4-2S is faster than that of the original RC4 due to less number of operations per a key generation required by the former. The experimental results confirm that the output streams generated by the RC4-2S are more random than that generated by RC4 while requiring less time than RC4. Moreover, RC4-2S’s high resistivity protects against many attacks vulnerable to RC4 and solves several weaknesses of RC4 such as distinguishing attack.


Stream cipher RC4 Pseudo-random number generator 


  1. 1.
    Sharma K, Ghose MK, Kumar D, Singh RPK, Pandey VK (2010) A comparative study of various security approaches used in wireless sensor networks. Int J Adv Sci Technol 177(77)Google Scholar
  2. 2.
    Gupta SS, Chattopadhyay A, Sinha K, Maitra S, Sinha B (2013) High-performance hardware implementation for RC4 stream cipher. IEEE Trans Comput 62(4):730–743Google Scholar
  3. 3.
    Ahmad S, Beg MR, Abbas Q, Ahmad J, Atif S (2010) Comparative study between stream cipher and block cipher using RC4 and Hill Cipher. Int J Comput Appl (0975–8887), 1(25)Google Scholar
  4. 4.
    Zoltak B (2004) VMPC one-way function and stream cipher. Fast software encrypt FSE 2004, LNCS 3017. Springer-Verlag, New York, pp 210–225Google Scholar
  5. 5.
    Paul S, Preneel B (2004) A new weakness in the RC4 keystream generator and an approach to improve the security of the cipher in fast software encrypt. FSE 2004, LNCS 3017. Springer-Verlag, New York , pp 245–259Google Scholar
  6. 6.
    Maximov A (2005) Two linear distinguishing attacks on VMPC and RC4A and weakness of the RC4 family of stream ciphers. Fast software encryption, FSEGoogle Scholar
  7. 7.
    Fluhrer S, Mantin I, Shamir A (2001) Weaknesses in the key scheduling algorithm of RC4. In: Proceedings of annual workshop on selected areas in cryptography, vol 2259, Springer, Toronto, pp 1–24Google Scholar
  8. 8.
    Yu Q, Zhang C (2011) RC4 state and its applications. In: Ninth annual international conference on privacy, security and trust, pp 264–269Google Scholar
  9. 9.
    Pardeep Pateriya P (2012) PC-RC4 algorithm: an enhancement over standard RC4 algorithm. Int J Comput Sci Netw 1(3)Google Scholar
  10. 10.
    Kadry S, Smaili M (2010) An improvement of RC4 cipher using vigenère cipher. Int J Comput Intell Inform Secur 1(3)Google Scholar
  11. 11.
    Mousa A, Hamad A (2006) Evaluation of the RC4 algorithm for data encryption. Int J Comput Sci Appl 3(2)Google Scholar
  12. 12.
    Yao Y, Chong J, Xingwei W (2010) Enhancing RC4 algorithm for WLAN WEP protocol. In: control and decision conference (CCDC), IEEE, pp 3623–3627Google Scholar
  13. 13.
    Hammood MM, Yoshigoe K, Sagheer AM (2013) RC4 stream cipher with a random initial state. In: Proceedings of 10th FTRA international conference on secure and trust computing, data management, and applications (STA’13). Lecture notes in electrical engineering, Springer, HeidelbergGoogle Scholar
  14. 14.
    Grosul A, Wallach D (2000) A related-key cryptanalysis of RC4. Department of computer science, Rice University, Technical report TR-00-358, June 2000Google Scholar
  15. 15.
    Stamp M (2006) Information security principles and practice. Wiley, New YorkGoogle Scholar
  16. 16.
    Sharif SO, Mansoor SP (2010) Performance analysis of stream and block cipher algorithms. In: 3rd international conference on advanced computer theory and engineering (ICACTE), IEEE vol 1, pp 522–525Google Scholar
  17. 17.
    Mantin I, Shamir A (2001) A practical attack on broadcast RC4. In: 8th international workshop, FSE, PP 152–164Google Scholar
  18. 18.
    Rukhin A, Soto J, Nechvatal J, Smid M, Barker E, Leigh S, Levenson M, Vangel M, Banks D, Heckert A, Dray J, Vo S (2001) A statistical test suite for random and pseudorandom number generators for cryptographic applications. NIST special publication 800-22, National institute of standards and technology (NIST), Gaithersburg.
  19. 19.
    Stallings W (2011) Cryptography and network security principles and practices, 5th edn. Prentice Hall Pearson, New JerseyGoogle Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2013

Authors and Affiliations

  • Maytham M. Hammood
    • 1
  • Kenji Yoshigoe
    • 2
  • Ali M. Sagheer
    • 3
  1. 1.Applied ScienceUniversity of Arkansas at Little RockLittle RockUSA
  2. 2.Computer ScienceUniversity of Arkansas at Little RockLittle RockUSA
  3. 3.College of ComputerUniversity of AnbarAnbarIraq

Personalised recommendations