Given the design of RC4, is it possible or impossible for the values $i$ and $j$ to be equal to each other when $S[i]$ and $S[j]$ are swapped?
Asked
Active
Viewed 254 times
1 Answers
5
$i=j$ is possible.
Here's an example: When initialized with key iB (i.e., the two-byte string 69 42), the state after key generation is $i_0=j_0=0$ and $S$ the following table:
69 01 17 5c 36 02 c4 af 34 8e f7 44 12 c5 06 e6
70 91 8d 6a 67 72 0b f8 81 ec 57 16 1e 5d 2f f2
0d 6b f6 5b e8 95 6d 9f e1 43 d6 29 28 27 b3 25
a0 23 22 21 20 54 fe 4c 79 1b 71 3c 96 ba 4b 9d
f9 d5 49 8c e9 7c 0f 42 b7 80 f5 5e 77 53 94 ef
fb 46 e3 78 f3 1c 8b 64 a8 d1 2d 18 e5 09 86 a2
65 b8 83 05 4a 6e 60 de 03 47 fa 1a 37 14 fd c2
87 51 b0 ca 50 82 40 89 73 c0 a3 33 92 41 bc 08
c7 6c d8 8f 58 cb 2b 3e ac 55 b6 c3 59 b9 84 da
bd 7e 2a d4 4e 4f 04 ea d7 b2 66 2e 3b a9 3f 00
db a6 e4 aa bf 9b 99 e7 98 c1 bb 93 88 3d 07 0c
d2 f4 31 9a 76 fc 38 62 b4 c8 f0 b1 df ce 97 ab
dc 7a 19 4d 1d 39 d9 7f 0e 7b c6 ae 11 75 cf d3
9e ed 35 13 85 ff a5 f1 cd 7d e2 24 68 c9 30 8a
10 63 0a cc 48 61 d0 15 3a 90 a4 5a 45 2c 1f ee
9c eb 32 5f be 74 6f b5 e0 52 a1 a7 26 ad dd 56
This means that the $i$ and $j$ used to produce the first output byte are
$$i = (i_0 + 1) \bmod 256 = (0 + 1) \bmod 256 = 1 \text; $$ $$j = (j_0 + S[i]) \bmod 256 = (0 + \mathrm{0x01})\bmod 256 = 1 \text, $$
and therefore $i=j$.
yyyyyyy
- 12,081
- 4
- 47
- 68