RC4 variants RC4

-



1 rc4 variants

1.1 rc4a
1.2 vmpc
1.3 rc4
1.4 spritz





rc4 variants

as mentioned above, important weakness of rc4 comes insufficient key schedule; first bytes of output reveal information key. can corrected discarding initial portion of output stream. known rc4-dropn, n typically multiple of 256, such 768 or 1024.


a number of attempts have been made strengthen rc4, notably spritz, rc4a, vmpc, , rc4+.


rc4a

souradyuti paul , bart preneel have proposed rc4 variant, call rc4a.


rc4a uses 2 state arrays s1 , s2, , 2 indexes j1 , j2. each time incremented, 2 bytes generated:



thus, algorithm is:



all arithmetic performed modulo 256
i := 0
j1 := 0
j2 := 0
while generatingoutput:
:= + 1
j1 := j1 + s1[i]
swap values of s1[i] , s1[j1]
output s2[s1[i] + s1[j1]]
j2 := j2 + s2[i]
swap values of s2[i] , s2[j2]
output s1[s2[i] + s2[j2]]
endwhile

although algorithm required same number of operations per output byte, there greater parallelism rc4, providing possible speed improvement.


although stronger rc4, algorithm has been attacked, alexander maximov , team nec developing ways distinguish output random sequence.


vmpc

variably modified permutation composition (vmpc) rc4 variant. uses similar key schedule rc4, j := s[(j + s[i] + key[i mod keylength]) mod 256] iterating 3 x 256 = 768 times rather 256, , optional additional 768 iterations incorporate initial vector. output generation function operates follows:



all arithmetic performed modulo 256.
i := 0
while generatingoutput:
:= s[i]
j := s[j + a]

output s[s[s[j] + 1]
swap s[i] , s[j] (b := s[j]; s[i] := b; s[j] := a))

:= + 1
endwhile

this attacked in same papers rc4a, , can distinguished within 2 output bytes.


rc4

rc4 modified version of rc4 more complex three-phase key schedule (taking 3× long rc4, or same rc4-drop512), , more complex output function performs 4 additional lookups in s array each byte output, taking approximately 1.7× long basic rc4.



all arithmetic modulo 256. << , >> left , right shift, ⊕ exclusive or
while generatingoutput:
:= + 1
:= s[i]
j := j + a

swap s[i] , s[j] (b := s[j]; s[i] := b; s[j] := a)

c := s[i<<5 ⊕ j>>3] + s[j<<5 ⊕ i>>3]
output (s[a+b] + s[c⊕0xaa]) ⊕ s[j+b]
endwhile

this algorithm has not been analyzed significantly.


spritz

ron rivest , jacob schuldt have proposed replacing rc4 improved , modified version dubbed spritz:



all arithmetic performed modulo 256
while generatingoutput:
:= + w
j := k + s[j + s[i]]
k := k + + s[j]
swap values of s[i] , s[j]
output z := s[j + s[i + s[z + k]]]
endwhile

the value w, relatively prime size of s array. after 256 iterations of inner loop, value (incremented w every iteration) has taken on possible values 0..255, , every byte in s array has been swapped @ least once.


like other sponge functions, spritz can used build cryptographic hash function, deterministic random bit generator (drbg), encryption algorithm supports authenticated encryption associated data (aead), etc.


spritz broken banik , isobe.








Comments

Post a Comment

Popular posts from this blog

The battle for tallest status IDS Center

-
the crystal court ids tower ground the owners of capella tower (formerly first bank place) , architects behind design stated rose 774 feet (236 m) tall upon completion in 1992. however, height had been increased due engineering need, according tom o mara, 1 of construction managers @ time of capella tower construction. there ventilation ducts near roof required 14 more inches (36 cm) of height. construction team added 10 inches (25 cm) that, bringing building total of 776 feet 0 inches (236.52 m). in years following completion, actual height became known published in almanacs , other listings of building height. owners of capella tower hesitant claim building taller ids, , deferred honor more well-known structure. area journalists reported on sale of ids center john buck company in 2004 , death of designer philip johnson in 2005, came face-to-face fact roof of tower 1 foot lower neighbor. emporis.com restored ids center first-place status in city in fe...
Read more

Discography Butterfingers (Malaysian band)

-
1 discography 1.1 1994 – 2 tracks untitled recording (demo) 1.2 1995 – 12 goats, 6 oranges , 2 angels (demo) 1.3 1996 – butter couldn t melt (demo) 1.4 1996 – dragon (demo) 1.5 1996 – 1.2 milligrams (butterworld/emi) 1.6 1997 – butter worth pushful (butterworld/emi) 1.7 1999 – transcendence (butterworld/emi) 1.8 2000 – butter late never (unreleased tracks, live , rarities) (butterworld/emi) 1.9 2001 – malayneum (butterworld/emi) 1.10 2003 – best yet come 1994-20xx (butterworld/emi) 1.11 2005 – selamat tinggal dunia (butterworld/emi) 1.12 2008 – kembali (butterworld) 1.13 vcd 1.14 special release/live album 1.15 music videos 1.16 hit songs discography 1994 – 2 tracks untitled recording (demo) 1. girl friday 2. when re addicted (later renamed nicc o tynne ) 1995 – 12 goats, 6 oranges , 2 angels (demo) 1. wet blanket 2. ginseng 3. kindergarten (later renamed hatemaster ) 4. when re addicted (later renamed nicc o tynne ) 5. mystery 6. gum 7. spoilt (later renamed spoilt (in end) ) 1996...
Read more

Timeline Korean DMZ Conflict (1966–1969)

-
1 timeline 1.1 1966 1.2 1967 1.3 1968 1.4 1969 timeline 1966 2 november: 2nd infantry division (2id) patrol (1st battalion, 23rd infantry regiment) ambushed south of dmz. 6 u.s. kia, 1 katusa kia, 1 u.s. wia; unknown kpa losses. private ernest reynolds posthumously awarded silver star actions during ambush. roka patrol ambushed same night. 2 rok kia. 1967 12 february: 2id patrol (3–23 infantry) ambushed south of dmz. 1 u.s. kia; unknown kpa losses. 5 april: 2id guard post engaged kpa infiltrators south of dmz. no u.s. losses; 5 kpa kia. 29 april: 2id patrol ambushed kpa infiltrators south of dmz. no u.s. losses; 1 kpa kia, 1 kpa wia, 1 kpa captured. 22 may: 2id barracks (1–23 infantry) demolished daylight explosion south of dmz. 2 u.s. kia, 17 u.s. wia. 16 july: 2id barrier position #32 overrun. 3 u.s. kia (2-23 infantry), 1 katusa wia. 10 august: 7id construction team (b company 2/31st inf. 7th id) ambushed south of dmz in daylight. 3 u.s. kia, sixteen u.s. wia, 1 wia later died of wo...
Read more