The Most Efficient Distinguishing Attack on VMPC and RC4A
نویسندگان
چکیده
This paper reports the greater bias found in the output sequence of VMPC, a modified RC4 stream cipher proposed in 2004. Using the bias with approximately 2 output bytes allows us to distinguish VMPC from truly random sequence. Distinguishing attack can also break RC4A, an algorihm based on RC4, more efficiently than any existing attacks. With about 2 output bytes, distinguishing attack makes it possible to distinguish RC4A from truly random sequence.
منابع مشابه
Two Linear Distinguishing Attacks on VMPC and RC4A and Weakness of RC4 Family of Stream Ciphers (Corrected)
1 At FSE 2004 two new stream ciphers VMPC and RC4A have been proposed. VMPC is a generalisation of the stream cipher RC4, whereas RC4A is an attempt to increase the security of RC4 by introducing an additional permuter in the design. This paper is the first work presenting attacks on VMPC and RC4A. We propose two linear distinguishing attacks, one on VMPC of complexity 2, and one on RC4A of com...
متن کاملTwo Linear Distinguishing Attacks on VMPC and RC4A and Weakness of RC4 Family of Stream Ciphers
At FSE 2004 two new stream ciphers VMPC and RC4A have been proposed. VMPC is a generalisation of the stream cipher RC4, whereas RC4A is an attempt to increase the security of RC4 by introducing an additional permuter in the design. This paper is the first work presenting attacks on VMPC and RC4A. We propose two linear distinguishing attacks, one on VMPC of complexity 2, and one on RC4A of compl...
متن کاملStatistical weaknesses in 20 RC4-like algorithms and (probably) the simplest algorithm free from these weaknesses - VMPC-R
We find statistical weaknesses in 20 RC4-like algorithms including the original RC4, RC4A, PC-RC4 and others. This is achieved using a simple statistical test. We found only one algorithm which was able to pass the test VMPC-R. This algorithm, being approximately three times more complex then RC4, is probably the simplest RC4-like cipher capable of producing pseudo-random output.
متن کاملCryptanalysis of some first round CAESAR candidates
ΑΕS _ CMCCv₁, ΑVΑLΑNCHEv₁, CLΟCv₁, and SILCv₁ are four candidates of the first round of CAESAR. CLΟCv₁ is presented in FSE 2014 and SILCv₁ is designed upon it with the aim of optimizing the hardware implementation cost. In this paper, structural weaknesses of these candidates are studied. We present distinguishing attacks against ΑES _ CMCCv₁ with the complexity of two queries and the success ...
متن کاملOn the (In)security of Stream Ciphers Based on Arrays and Modular Addition
Stream ciphers play an important role in symmetric cryptology because of their suitability in high speed applications where block ciphers fall short. A large number of fast stream ciphers or pseudorandom bit generators (PRBGs) can be found in the literature that are based on arrays and simple operations such as modular additions, rotations and memory accesses (e.g. RC4, RC4A, Py, Py6, ISAAC etc...
متن کامل