ANALYSIS OF WAYS TO IMPROVE THE RC4 STREAM ENCRYPTION ALGORITHM

DOI: 10.31673/2409-7292.2025.011455

Authors

  • Ю. В. Щербина, (Shcherbyna Yu. V.) National University "Odesa Law Academy", Odesa, Ukraine.
  • Н. Ф. Казакова, (Kazakova N. F.) Odesa National University named after I.I. Mechnikova, Odesa, Ukraine
  • Н. І. Логінова, (Loginova N. I.) Odesa Law Academy National University, Odesa, Ukraine
  • О. О. Фразе-Фразенко, (Fraze-Frazenko O. O.) Odesa National University named after I.I. Mechnikova, Odesa city, Ukraine.
  • Н. Б. Фоміна, (Fomina N. B.) State University "Kyiv Aviation Institute"

DOI:

https://doi.org/10.31673/2409-7292.2025.011455

Abstract

The article considers the problems associated with increasing the stability of the RC4 cipher, which is used in network
protocols of modern distributed computer systems. Over the past decade, some weaknesses have been discovered in the RC4
encryption algorithm, the presence of which is explained by the simplicity of the algorithm embedded in it. The main such
weakness is the correlation between the secret key and the encryption gamma formed on its basis. The article provides an
analysis of the methods proposed by various authors to eliminate this drawback by complicating the key planning algorithms
and the formation of pseudo-random numbers. It is concluded that solutions based on a simple increase in the complexity of the
algorithm by implementing additional cryptographic transformations are not effective, since this deprives the RC4 cipher of its
speed. Because of this, it is proposed to give preference to solutions based on 32/64-bit microprocessor systems, which allow
significantly increasing the space of internal states of the encryption algorithm without a noticeable decrease in the speed of the
encryption process.
Keywords: RC4 stream cipher, random permutation, key stream, cipher gamma, cryptanalysis, weak internal state, weak
keys.

References
1. S. Fluhrer, I. Mantin, and A. Shamir. Weaknesses in the Key Scheduling Algorithm of RC4. SAC 2001 , vol.
2259 of LNCS, pp. 1-24, Springer-Verlag, 2001. URL: https://link.springer.com/content/pdf/10.1007/3-540-45537-
X_1.pdf.
2. Bruce Schneier. Applied Cryptography (Second edition). Wiley, 1995. 662 p. URL: https://github.com/
mhpanchal/Cyber-Security-Books/blob/master/Applied%20Cryptography%20(Bruce%20Schneier).pdf.
3. Vladimir Rozic, Bohan Yang, Wim Dehaene, Ingrid Verbauwhede. Iterating Von Neumann's post-processing
under hardware constraints. Conference: 2016 IEEE International Symposium on Hardware Oriented Security and Trust
(HOST). DOI:10.1109/HST.2016.7495553. May 2016. URL : https://www.researchgate.net/publication/
304456979_Iterating_Von_Neumann's_post-processing_under_hardware_constraints/
4. S. Mister and S. Tavares. Cryptanalysis of RC4-like Ciphers. SAC ’98, vol. 1556 of LNCS, pp. 131-143,
Springer-Verlag, 1999. URL : https://www.researchgate.net/publication/221274797_Cryptanalysis_of_RC4-like_
Ciphers
5. Poonam Jindal, Brahmjit Singh. RC4 Encryption-A Literature Survey. Electronics and Communication
Engineering Department, National Institute of Technology, Kurukshetra 136119, India. Procedia Computer Science 46
(2015) 697 – 705. URL : https://core.ac.uk/download/pdf/82455735.pdf.
6. Goutam Paul, Subhamoy Maitra, Anupam Chattopadhyay. Quad-RC4: Merging Four RC4 States towards a 32-
bit Stream Cipher. IACR Cryptology ePrint Archive, January 2013, 572. URL : https://eprint.iacr.org/2013/572.pdf.
7. Subhamoy Maitra, Goutam Paul. Analysis of RC4 and Proposal of Additional Layers for Better Security Margin.
Procedia Computer Science. Volume 46, 2015, Pages 697-705. DOI:10.1016/J.PROCS.2015.02.129. URL :
https://eprint.iacr.org/2008/396.pdf.
8. Maytham Hammood, K. Yoshigoe, Ali M Sagheer. RC4-2S: RC4 stream cipher with two state tables.
DOI:10.1007/978-94-007-6996-0-2. 11 April 2016.URL : https://www.researchgate.net/publication/283429259_
RC4-2S_RC4_stream_cipher_with_two_state_tables.
9. Souradyuti Paul, Bart Preneel. A New Weakness in the RC4 Keystream Generator and an Approach to Improve
the Security of the Cipher. Fast Software Encryption. Conference paper. pp 245–259. 2004. DOI:10.1007/978-3-540-
25937-4_16. URL : https://iacr.org/archive/fse2004/30170244/30170244.pdf.
10. Yassir Nawaz, K. Gupta, G. Gong. A 32-bit RC4-like Keystream Generator. Information Security and
Cryptology. First SKLOIS Conference, CISC 2005, Beijing, China, December 15-17, 2005, Proceedings. URL :
https://eprint.iacr.org/2005/175.pdf.
11. Aleksandar Kircanski,· Rabeah Al-Zaidy ,·Amr M. Youssef. A new distinguishing and key recovery attack on
NGG stream cipher. Cryptogr. Commun. (2009) 1:269–282. DOI 10.1007/s12095-009-0012-4. URL :
https://users.encs.concordia.ca/~youssef/Publications/Papers/A%20New%20Distinguishing%20and%20Key%20Recov
ery%20Attack%20on%20NGG%20stream%20cipher.pdf.
12. G. Gong, K.C. Gupta, M. Hell, Y. Nawaz, Towards a General RC4-like Keystream Generator. Information
Security and Cryptology. Conference paper. pp 162–174. SpringerVerlag, 2005, pp. 162–174. URL : https://theeye.eu/public/Site-Dumps/campdivision.com/camp/Text%20Files/PDF/Computers%20General/Privacy/Cryptography/
RC4%20Stream%20Cipher/Towards%20a%20General%20RC4-like%20Keystream%20Generator.pdf.
13. Aleksandar Kircanski, Amr M. Youssef. On the Weak State in GGHN-like Ciphers. Conference: Availability,
Reliability and Security (ARES), 2012. DOI:10.1109/ARES.2012.32. URL : https://users. encs.
concordia.ca/~youssef/Publications/Papers/A%20New%20Distinguishing%20and%20Key%20Recovery%20Attack%2
0on%20NGG%20stream%20cipher.pdf.

Downloads

Published

2025-04-23

Issue

No. 1 (2025)

Section

Articles