Finding an internal state of RC4 stream cipher

2007, Vol 177 (7), pp. 1715-1727
Author(s): Violeta Tomašević, Slobodan Bojanić, Octavio Nieto-Taladriz

Entropy, 2021, Vol 23 (7), pp. 896
Author(s): Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, Omar Rojas, Guillermo Sosa-Gómez

This paper presents a criterion, based on information theory, to measure the amount of average information provided by the sequences of outputs of the RC4 on the internal state. The test statistic used is the sum of the maximum plausible estimates of the entropies $H(j_t \mid z_t)$, corresponding to the probability distributions $P(j_t \mid z_t)$ of the sequences of random variables $(j_t)_{t \in T}$ and $(z_t)_{t \in T}$, independent, but not identically distributed, where $z_t$ are the known values of the outputs, while $j_t$ is one of the unknown elements of the internal state of the RC4. It is experimentally demonstrated that the test statistic allows for determining the most vulnerable RC4 outputs, and it is proposed to be used as a vulnerability metric for each RC4 output sequence concerning the iterative probabilistic attack.


Sensors, 2020, Vol 20 (23), pp. 6909
Author(s): Francisco Eugenio Potestad-Ordóñez, Manuel Valencia-Barrero, Carmen Baena-Oliva, Pilar Parra-Fernández, Carlos Jesús Jiménez-Fernández

One of the best methods to improve the security of cryptographic systems used to exchange sensitive information is to attack them to find their vulnerabilities and to strengthen them in subsequent designs. The Trivium stream cipher is one of the lightweight ciphers designed for security applications in the Internet of Things (IoT). In this paper, we present a complete setup to attack ASIC implementations of Trivium which allows recovering the secret keys using the active non-invasive technique attack of clock manipulation, combined with Differential Fault Analysis (DFA) cryptanalysis. The attack system is able to inject effective transient faults into the Trivium in a clock cycle and sample the faulty output. Then, the internal state of the Trivium is recovered using the DFA cryptanalysis through the comparison between the correct and the faulty outputs. Finally, a backward version of Trivium was also designed to go back and get the secret keys from the initial internal states. The key recovery has been verified with numerous simulation data attacks and used with the experimental data obtained from the Application Specific Integrated Circuit (ASIC) Trivium. The secret keys of the Trivium were recovered experimentally in 100% of the attempts, considering a real scenario and minimum assumptions.


2013, Vol 62 (4), pp. 730-743
Author(s): Sourav Sen Gupta, A. Chattopadhyay, K. Sinha, S. Maitra, B. P. Sinha

2017, Vol 6 (3), pp. 40-45
Author(s): Renas Asaad, Saman Abdulrahman, Ahmad Hani, ...
