Journal of Computer Applications ›› 2019, Vol. 39 ›› Issue (8): 2339-2345.DOI: 10.11772/j.issn.1001-9081.2018122459

• Cyber security • Previous Articles     Next Articles

Improved RC4 algorithm based on elliptic curve

CHEN Hong, LIU Yumeng, XIAO Chenglong, GUO Pengfei, XIAO Zhenjiu   

  1. School of Software, Liaoning Technical University, Huludao Liaoning 125105, China
  • Received:2018-12-12 Revised:2019-04-06 Online:2019-08-10 Published:2019-04-17
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61404069), the Science and Technology Research Project of Liaoning Provincial Department of Education (LJ2017QL032).

基于椭圆曲线的改进RC4算法

陈虹, 刘雨朦, 肖成龙, 郭鹏飞, 肖振久   

  1. 辽宁工程技术大学 软件学院, 辽宁 葫芦岛 125105
  • 通讯作者: 刘雨朦
  • 作者简介:陈虹(1967-),女,辽宁阜新人,副教授,硕士,CCF会员,主要研究方向:网络安全、信息安全;刘雨朦(1994-),女,辽宁沈阳人,硕士研究生,主要研究方向:网络安全、信息安全;肖成龙(1984-),男,湖南株洲人,副教授,博士,主要研究方向:软硬件协同设计、高层次综合、可扩展处理器;郭鹏飞(1981-),男,辽宁朝阳人,副教授,博士,主要研究方向:图像处理、算法优化;肖振久(1968-),男,内蒙宁城人,副教授,硕士,主要研究方向:信息安全。
  • 基金资助:
    国家自然科学基金资助项目(61404069);辽宁省教育厅科学技术研究项目(LJ2017QL032)。

Abstract: For the problem that the Rivest Cipher 4 (RC4) algorithm has invariant weak key, the randomness of the key stream sequence is not high and the initial state of the algorithm can be cracked, an improved RC4 algorithm based on elliptic curve was proposed. In the algorithm, the initial key was generated by using elliptic curve, Hash function and pseudo-random number generator, and a nonlinear transformation was performed under the action of the S-box and the pointer to finally generate a key stream sequence with high randomness. The randomness test carried out by National Institute of Standards and Technology (NIST) shows that the frequency test, run test and Maurer are 0.13893, 0.13081, and 0.232050 respectively higher than those of the original RC4 algorithm, which can effectively prevent the generation of invariant weak keys and resist the "sentence" attack. The initial key is a uniformly distributed random number without deviation, which can effectively resist the distinguishing attack. The elliptic curve and Hash function have one-way irreversibility, the pseudo-random number generator has high password strength, the initial key guess is difficult to assign and is not easy to crack, which can resist the state guessing attack. Theoretical and experimental results show that the improved RC4 algorithm is more random and safe than the original RC4 algorithm.

Key words: Rivest Cipher 4 (RC4) algorithm, key stream sequence, elliptic curve, Hash function, randomness

摘要: 针对流密码(RC4)算法存在不变性弱密钥、密钥流序列随机性不高和算法初始状态可以被破解等问题,提出一种基于椭圆曲线的RC4改进算法。该算法利用椭圆曲线、哈希函数和伪随机数产生器生成初始密钥,在S盒和指针的作用下进行非线性变换最终生成具有高随机性的密钥流序列。美国国家标准与技术研究院(NIST)随机性测试结果表明,改进算法的频率检验、游程检验和Maurer指标比原RC4算法分别高出0.13893,0.13081和0.232050,能有效防止不变性弱密钥的产生,抵抗"受戒礼"攻击;初始密钥是一个分布均匀的随机数,不存在偏差,能够有效抵御区分攻击;椭圆曲线、哈希函数具有单向不可逆性,伪随机数产生器具有高密码强度,初始密钥猜测赋值困难,不易破解,能够抵抗状态猜测攻击。理论和实验结果表明改进RC4算法的随机性和安全性高于原RC4算法。

关键词: 流密码(RC4)算法, 密钥流序列, 椭圆曲线, 哈希函数, 随机性

CLC Number: