RC4 Stream Cipher and Its Variants

Free Standard Shipping

Purchasing Options

ISBN 9781439831359
Cat# K11529



SAVE 20%

eBook (VitalSource)
ISBN 9781439831373
Cat# KE11403



SAVE 30%

eBook Rentals

Other eBook Options:


  • Represents the first complete book on RC4
  • Requires no prior knowledge of cryptography
  • Introduces basic concepts, such as private/public key cryptosystems and block/stream ciphers, before covering advanced material
  • Elucidates the theoretical underpinnings and experimental observations
  • Includes end-of-chapter research problems that highlight opportunities for future research
  • Offers a comprehensive bibliography of RC4 literature


RC4 Stream Cipher and Its Variants is the first book to fully cover the popular software stream cipher RC4. With extensive expertise in stream cipher cryptanalysis and RC4 research, the authors focus on the analysis and design issues of RC4. They also explore variants of RC4 and the eSTREAM finalist HC-128.

After an introduction to the vast field of cryptology, the book reviews hardware and software stream ciphers and describes RC4. It presents a theoretical analysis of RC4 KSA, discussing biases of the permutation bytes toward secret key bytes and absolute values. The text explains how to reconstruct the secret key from known state information and analyzes the RC4 PRGA in detail, including a sketch of state recovery attacks. The book then describes three popular attacks on RC4: distinguishing attacks, Wired Equivalent Privacy (WEP) protocol attacks, and fault attacks. The authors also compare the advantages and disadvantages of several variants of RC4 and examine stream cipher HC-128, which is the next level of evolution after RC4 in the software stream cipher paradigm. The final chapter emphasizes the safe use of RC4.

With open research problems in each chapter, this book offers a complete account of the most current research on RC4.

Table of Contents

Introduction to Cryptography
Etymology and Some Historical Facts
Primary Goals of Cryptography
Basic Terminology
Cryptographic Attack Models
Cryptographic Security
Private and Public Key Cryptosystems

Stream Ciphers and RC4
Introduction to Stream Ciphers
Attack Models for Stream Cipher Cryptanalysis
Hardware Stream Ciphers
Software Stream Ciphers
On Randomness and Pseudo-Randomness

Analysis of Key Scheduling
Bias of Permutation toward Secret Key
Non-Randomness of Permutation
Movement Frequency of Permutation Values
Key Collisions

Key Recovery from State Information
Reversibility of RC4 PRGA
Recovery through Solving Simultaneous Equations
Improvement by Difference Equations
Group of Key Bytes Approach
Byte by Byte Recovery
Bit by Bit Recovery
Bidirectional Key Search

Analysis of Keystream Generation
Finney Cycles
Glimpse Theorem
Biased Permutation Index Selection for the First Keystream Byte
Characterization of PRGA Evolution
Some Biases in First Keystream Byte toward Secret Key
More Biases in Many Keystream Bytes toward Secret Key
Exhaustive Enumeration of All Biases
State Recovery from Keystream

Distinguishing Attacks
A Theoretical Framework of Distinguishing Attacks
Distinguishers Based on Initial Keystream Bytes
Distinguishers Based on Any Stage of PRGA

WEP and WPA Attacks
RC4 in WEP and the Attack Principle
FMS Attack
Mantin’s Attack
Klein’s Attack
PTW and VX Attacks
RC4 in WPA and Related Attacks

Fault Attacks
Hoch and Shamir’s Attack
Impossible and Differential Fault Attacks
Fault Attack Based on Fork Model
Fault Attack with Pseudo-Random Index Stuck

Variants of RC4
Byte-Oriented Variants
Word-Oriented Variants
RC4-Based Hash

Stream Cipher HC-128
Description of HC-128
Linear Approximation of Feedback Functions
Distinguishing Attacks on HC-128
Collisions in h1, h2 and State Leakage in Keystream
Constructing Full-State Given Only Half-State Information
Design Modification with Respect to Known Observations

Safe Use of RC4

Appendix A: A Sample C Implementation of RC4
Appendix B: Verified Test Vectors of RC4



Research Problems are presented at the end of chapters 3-10.

Author Bio(s)

Goutam Paul is an assistant professor in the Department of Computer Science and Engineering at Jadavpur University. Dr. Paul has published articles in numerous refereed journals, including Discrete Applied Mathematics, Journal of Mathematical Cryptology, and Designs, Codes and Cryptography. His research interests include cryptography, security, steganography, and combinatorial algorithms.

Subhamoy Maitra is a professor at the Indian Statistical Institute. Dr. Maitra has contributed extensively to many peer-reviewed journals, such as IEEE Transactions on Information Theory, Discrete Mathematics, and Designs, Codes and Cryptography. He is also on the editorial board of Cryptography and Communications: Discrete Structures, Boolean Functions and Sequences. His research interests include cryptographically significant Boolean functions, design and cryptanalysis of stream ciphers, analysis of RSA and factorization, and cryptanalysis of digital watermarking schemes.

Editorial Reviews

"This remarkable monograph is ‘the first one on RC4.’ The theory surrounding the development of RC4 is very helpful for the study of stream ciphers in general, as the authors say. The book will be of interest to scholars and students whose expertise lies in cryptography, applied mathematics, computer security, and so on."
—Zhixiong Chen, Mathematical Reviews, January 2013

"I am delighted to introduce the first complete book on RC4, the most popular and widely deployed software stream cipher. … This book contains not only the authors’ own research materials, but it has nicely assimilated the results of others to make it a complete treatise on RC4 and its variants. I believe this book will be widely accepted as an important research monograph by both the students and experienced researchers in the field of cryptology."
—From the Foreword by Bimal Roy, founder of the Cryptology Research Society of India and director of the Indian Statistical Institute