Enhancement Of Rc4 Algorithm Using Hash Function And Blackbox Technique Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

In the era of digital data transaction, in order to transact the data in a sophisticated manner the need for a cryptographic algorithm cannot be compensated by any other computing techniques. In this computing world we have huge numbers of cryptographic algorithms which makes the system resistant from the attacks of intruders and eavesdroppers. RivestCipher4 is the cryptographic algorithms which are very well known for their performance, simplicity, strong key generation. In this paper, we propose a method of generating authentication value using hash function. The structure of the proposed hash function is absolutely different from all the other hash function Class (e.g., SHA family) so that people cannot use the existing attack strategies to break the proposed hash function. The proposed hash function is very simple and rules out all possible generic attacks. We proved that this hash function is secure and efficient. So it will lead to increased key complexity and generation of authentication value using hash function which obviously results the intruder nothing else than confusion and frustration.

Cryptography is a well known and widely used technique that manipulate information in order to crypt their existence. More specifically, cryptography protects information by transforming it into an unreadable format [1]. The original text is transformed into a scramble equivalent text called cipher text and this process is called as "Encryption". This is achieved via an Encryption Algorithm. Only those who possess a secret key can decrypt the cipher text into plaintext. Simply it scrambles a message so it cannot be understood.

Cryptography deals with protecting information by encoding or transformation of data .There are two types of cryptographic schemes available on the basis of key.

Symmetric key Cryptography: This is the cryptographic scheme which uses a common key for enciphering and deciphering the message.

Asymmetric or Public Key Cryptography: This type of cryptographic scheme uses two keys for encryption and decryption called Public key and Private Keys.

We can also classify symmetric key cryptography into two types on the basis of their operations as

Stream Ciphers: It is a symmetric key cipher where stream of plaintext are mixed with a random cipher bit stream (key stream), typically by any logical operation. In this case of stream cipher one byte is usually encrypted at a particular time.

Block Ciphers: block cipher is also a symmetric key cipher which operates over a fixed-length groups of bits,. It usually take particular bit block of plaintext as input, and produces a corresponding n-bit output block of cipher text.

Cryptographic hash functions play a fundamental role in modem cryptography. Hash functions take a variable-sized message as input and produce a small fixed-sized string as output. Message authentication is a particular use of the hash function and the security strength of the message authentication depends on the cryptographic strength of the underlying hash functions. Message authentication is a procedure to verify that received messages come from the alleged source and have not been altered. Hash functions are usually designed from scratch or made out of a block cipher in a black box manner [1]. Some of the well-studied hash functions constructed from scratch are SHA-family [2, 3], MD4 [4], MD5 [5], RIPEMD [6],Tiger [7], HA VAL [8] etc. Whereas PGV hash function [9],MDC2 [10] etc. are designed in a black box manner

A hash function H is a transformation that takes an input and returns a fixed-size string, which is called the hash value h (that is, h = H(m) . Hash functions with just this property have a variety of general computational uses, but when employed in cryptography, the hash functions are usually designed to have some additional properties. The basic requirements of a cryptographic hash function are list below:

• The input can be of any length

• The output has a fixed length

• H(x) is relatively easy to compute for any given x

• H(x) is a one-way mapping

• H(x) is strongly collision-free

A hash function H is said to be one-way if it is hard to invert, which means that, given a hash value h, it is computationally infeasible to find some input x such that(x) = h. A strongly collision-free hash function H is computationally infeasible to find any two messages x and y

such that H(x) = H(y).The hash value h represents concisely the longer message or document from which it was computed; this value is called the message digest. Message authentication code (MAC) is a mechanism to achieve authentication. A message authentication code is an

authentication tag (also called a checksum) derived by applying an authentication scheme, together with a secret key, to a message.



RC4 is a synchronous stream cipher designed to satisfy both security and efficiency for lightweight algorithms, dedicated to hardware. Environments where the available resources are restricted. RC4 stream ciphers have weaknesses on the key size. If the key size is short, attacker can easily obtain the key by using the key recovery algorithms. In this case, re-keying is necessary.[10] Generally, re-keying is done by using the internal state in each packet to reinitialize the large internal state. The newly initialized internal state is dependant; therefore more variation and randomness can be achieved for the internal state. The value of internal state must be unique, and must not be used twice or more although the messages to be encrypted are different. Stream cipher is the important class of encryption and they encrypt each digit of plain text one at a time using a simple time dependent encryption transformation in practice ,the digit is single bit or byteRc4 is most widely used stream cipher nowadays due to its simplicity and high efficiency .rc4 is a variable key size key size stream cipher based on a 256 byte internal state and two one byte indexes I and j.rc4 consist of two parts namely key scheduling algorithm and pseudo random generation[2].

The key-scheduling algorithm consists of following steps in order to generate a key we should start the permutation in the array "S". "Key length" is stated as the number of bytes in the key and it usually range 1 ≤ key length ≤ 256, typically between 5 and 16, accordance to a key length of 40 - 128 bits. Initially, the array "S" is initialized to the recognized permutation. Array "S" operated for 256 iterations in a similar way to the main PRGA, but also mixes in bytes of the key[3].

for (i=0;i<=255;i++)

S[i] = I;

j = 0;

for (i=0;i <=255;i++)


j = (S[i] + i + key[i mod key length]) mod 256;

swap(S[i] , S[j]);


The Pseudo random generation algorithm (PRGA) modifies the state and outputs a byte of the key stream. In each iteration, the PRGA increments i, adds the value of S pointed to by i to j, exchanges the values of S[i] and S[j], and then outputs the element of S at the location S[i] + S[j] (modulo 256). Each element of S is swapped with another element at least once every 256 iterations.[3]

i = 0;

j = 0;



i = (i + 1) mod 256;

j = (j + S[i]) mod 256;

swap( S[i] , S[j] );

K = S[(S[i] + S[j]) mod 256];



In this paper we propose a black box tool for generating a fresh key from the actual key provided by the user. The fresh key thus obtained is hard to crack because of our complex black box design. In general black box may be of anything which has a set of confused and diffused mathematical formulas. For our publication purpose we propose a set of steps which is to be carried out in a black box. The following block diagram illustrates our modified approach to the Rivestcipher4 algorithm, and the steps which have to take place inside a black box.

Let K be the original key, CK be the concatenated key, NK be the ASCII conversion of the original key K, X be the resultant new key resulting from the black box.

In order to derive a new key(X) from the already existing key (k) of the RC4 the following steps are followed

1. From the key (K) which is given by the particular user, we get the ASCII values of the particular characters.

2. The ASCII values are concatenated which is called as the concatenated key (CK)

3. The Concatenated Key (CK) is now manipulated inside a particular modular function (mod 99) for the purpose of ending up with two digit number and the resulted value is Y.

4. The particular value Y is now XORed with the each ASCII value of the given character.

5. The resultant of the XORed product is the new fresh key which is fed into the rc4 algorithm hash function.

.the new generated key which is the input of the proposed hash function is a message with a maximum length of 264 bits and the output is a 34-byte message digest.

Step 1: Generate 512-bit blocks

The input of this step is an input message and the newly generated key from the black box technique (originalmessage+new key), and the output is/are one or several 512-bitmessage b1ock(s).First, the input message is padded (extended) so that its length (in bits) is congruent to 512. That is, the message is extended so that it is being a multiple of 512 bits long.. The input message (original message) is at the beginning, and followed by the padding bits.

Step 2: Process message blocks

The first 512-bit message block m, is processed by KSA and PRGA in sequence. The input of the KSA is m ,and the output is an RC4 state named State ml. The input of the PRGA is State m, (as the initial state for PRGA ) and the output is an RC4 state named State, after the encryption single 512 bit block in order to process the next message block. The second 512-bitmessage block m2 is processed by KSA and PRGA in sequence. The rest of the blocks apply the same process as the first block. the output of this step is followed by concatenation of the all the encrypted bit blocks, now the concatenated bit block is sent as input again to rc4 algorithm and followed by the encryption.

Step3: . Generate authentication value

The output of the step 2 is a encrypted RC4 state. It can be used as the output of the hash function to be the authentication value already. However, normally we want tohave a shorter value to be the authentication value. For this reason we have this step to reduce the length of the authentication value. There are many ways can be used to reduce the length of

the output. We use the following rule to generate the authentication value: take one bit from each one byte (e.g. the last bit of each byte) of the output of the step 2,combined with the index i and j which is the authentication value.

The significance of the proposed systems are as follows:

The Rc4 is enhanced both in terms of key strength and its complexity. The newly formed key which is generated will not be known even to sender and receiver

In general, Key strength which is one of the salient feature of block cipher which is missing in all stream ciphers. This scenario will come to an end by the usage of BLACKBOX and it will increase the key strength that is ever provided by other stream ciphers.

The intruder will have no idea about process of the hash function with in the rc4 .

We propose this hash function in order to increase the key strength and cipher complexity and to have authentication over the message. so that it will be suitable in the mere future to hold any algorithm.


For the purpose of simulating the hash function and RC4 algorithm we used Java which is known for its platform independency and better GUI features. We developed, tested and executed using JDK 1.6 in core 2 duo processor. We adopted JCreator1.6 for IDE purposes. The following figures illustrates about the encryption and decryption phase of Rc4 algorithms. In the Key textfield, the entered key is none other than the ciphertext derived from the Blowfish algorithm.

Fig 3:Rc4 Encryption & Decryption


RC4 stream cipher is able to provide the advantages of fast performance and simplicity in resource constrained environment. SinceRC4 stream cipher is a symmetry key encryption algorithm, initialization vector (IV) has been normally used to provide variation of encryption from different sensor nodes in the WSN. In this case, the IV length must be long enough to avoid repetition. We currently concentrate on a group key update method that enhance the security of RC4 from cryptanalysis without increasing the length of key and IV. . The new generated key and the key update time are random, untraceable and unpredictable.


. This paper proposes a new hash function based on RC4stream cipher. The efficiency of the proposed RC4 based hash function is much better than widely used known hash function and its structure is absolutely different from the broken hash function class. It is very simple and rules out all possible generic attacks. More than that, the application of the proposed hash function can be applied to wireless devices in which most of hash function won't be applicable.