Algorithm 10.6
The key generation algorithm of ARCFOUR.
Input: (S, i, j)
i ← (i + 1) mod 256
j ← (j + S[i]) mod 256
S[i] ↔ S[j]
t ← (S[i] + S[j]) mod 256
k ← S[t]
Output: (k)
In spite of its simplicity, ARCFOUR has turned out to be quite resistant to many cryptanalytical attacks. In 2001, however, it was discovered that the randomness properties of the first bytes of the key stream generated by ARCFOUR are poor, and that this fact can be exploited in an attack against the WEP protocol [22, 23]. Since then, there have been concerns about the security of ARCFOUR (at least in some specific environments).
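To make Algorithm 10.6 and the remark about the poor randomness of the first key stream bytes concrete, here is an added Python example (not code from the book). It implements the key-scheduling step that produces the initial permutation S (the book's preceding algorithm, assumed here in its standard form), the key stream step of Algorithm 10.6, and a small experiment that measures how often the second key stream byte is 0 over many constructed keys; for an ideal key stream this would be 1/256, but ARCFOUR is known to produce 0 there about twice as often.

```python
import hashlib

def ksa(key: bytes) -> list:
    """Key-scheduling algorithm (standard ARCFOUR form, assumed): build the
    initial permutation S of 0..255 from the key."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    return S

def prga_step(S: list, i: int, j: int):
    """One round of Algorithm 10.6 on state (S, i, j); S is updated in place.
    Returns the key stream byte k together with the new indices i and j."""
    i = (i + 1) % 256
    j = (j + S[i]) % 256
    S[i], S[j] = S[j], S[i]          # S[i] <-> S[j]
    t = (S[i] + S[j]) % 256
    return S[t], i, j                # k = S[t]

def keystream(key: bytes, n: int) -> bytes:
    """First n key stream bytes for the given key."""
    S = ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        k, i, j = prga_step(S, i, j)
        out.append(k)
    return bytes(out)

def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Stream-cipher encryption/decryption: XOR data with the key stream."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def second_byte_zero_rate(num_keys: int = 20000) -> float:
    """Fraction of keys whose 2nd key stream byte is 0.
    Ideal cipher: about 1/256. ARCFOUR: about 2/256 (the well-known
    second-byte bias behind the 'poor first bytes' remark)."""
    zeros = 0
    for n in range(num_keys):
        # Constructed, deterministic 128-bit keys for a repeatable experiment.
        key = hashlib.sha256(n.to_bytes(4, "big")).digest()[:16]
        if keystream(key, 2)[1] == 0:
            zeros += 1
    return zeros / num_keys

if __name__ == "__main__":
    print(rc4_crypt(b"Key", b"Plaintext").hex())   # published test vector
    print(f"P[second byte = 0] ~ {second_byte_zero_rate() * 256:.2f}/256")
```

The published test vector (key "Key", plaintext "Plaintext") checks the implementation; the measured rate shows the statistical defect a defender would look for when auditing a stream cipher's leading output.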
10.4 PERFECTLY SECURE ENCRYPTION
As mentioned several times so far, the field of information-theoretically secure encryption was pioneered by Shannon in the late 1940s [24, 25]. 38 The aim was to come up with an encryption system that is perfectly secure in the sense that it is impossible for an adversary to derive any information about a plaintext message from a given ciphertext. 39 This must be true even if the adversary has the best available computer technology at hand and even if he or she is not limited in computational resources (e.g., time and memory). With such an absolute notion of security in mind, it is not at all obvious that perfect security exists. There is good and bad news. The good news is that perfect secrecy is possible and technically feasible. The bad news is that perfect secrecy is usually too expensive for almost all practical applications.
As illustrated in Figure 10.15, Shannon introduced a model of a symmetric encryption system. In this model, a source (left side) wants to transmit a plaintext message m to the destination (right side) over an insecure communications channel (dotted line). To secure the message during its transmission, the source has an encryption device and the destination has a decryption device. The devices implement
38 Refer to Chapter 5 for a brief introduction to information theory.
39 This means that one has a ciphertext-only attack in mind when one talks about perfect secrecy and information-theoretically secure encryption.