-
- OHIGASHI Toshihiro
- Graduate School of Science and Technology, Kobe University The Institute of Electronics, Information and Communication Engineers
-
- SHIRAISHI Yoshiaki
- Department of Computer Science and Engineering, Nagoya Institute of Technology The Institute of Electronics, Information and Communication Engineers
-
- MORII Masakatu
- Faculty of Engineering, Kobe University The Institute of Electronics, Information and Communication Engineers
この論文をさがす
抄録
In a key scheduling algorithm (KSA) of stream ciphers, a secret key is expanded into a large initial state. An internal state reconstruction method is known as a general attack against stream ciphers; it recovers the initial state from a given pair of plaintext and ciphertext more efficiently than exhaustive key search. If the method succeeds, then it is desirable that the inverse of KSA is infeasible in order to avoid the leakage of the secret key information. This paper shows that it is easy to compute a secret key from an initial state of RC4. We propose a method to recover an l-bit secret key from only the first l bits of the initial state of RC4 using linear equations with the time complexity less than that of one execution of KSA. It can recover the secret keys of which number is 2103.6 when the size of the secret key is 128bits. That is, the 128-bit secret key can be recovered with a high probability when the first 128bits of the initial state are determined using the internal state reconstruction method.
収録刊行物
-
- IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
-
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E91-A (1), 3-11, 2008
一般社団法人 電子情報通信学会
- Tweet
詳細情報 詳細情報について
-
- CRID
- 1390282681288971776
-
- NII論文ID
- 10026846432
-
- NII書誌ID
- AA10826239
-
- ISSN
- 17451337
- 09168508
-
- 本文言語コード
- en
-
- データソース種別
-
- JaLC
- IRDB
- Crossref
- CiNii Articles
-
- 抄録ライセンスフラグ
- 使用不可