RC4是一個非常廣泛使用的串流加密技術,其優點為演算法簡單、容易實現且在軟體設計方面有良好的表現,因此運用在許多安全協定與資料量大或快速加解密上,然而,RC4存在許多弱點,因此不被信任與使用。 本論文針對RC4不變性弱點加以探討並提出改善方式。為了印證改善的方式,我們將相關RC4及其改善方式加以實現,再利用其產生亂數以作為串流金鑰使用,接著利用NIST亂數測試標準驗證串流金鑰的安全性,並且分析使用金鑰的不同亂數測試標準的結果,最後計算內部狀態b-守恆的數量,以此證明改善後的方式有改善RC4不變性的弱點。 實驗結果顯示,本論文提出的改善方式不失RC4原本簡單又有效率的優點,且改善RC4不變性的弱點,因此提升RC4的安全強度。
RC4 is the most widely used stream cipher. Its advantages are simple, efficient, and suitable for software implementations. Thus, it has been used in many security protocols with large amount of data encryption or fast encryption. However, RC4 is not to be trust because of several weaknesses. In this thesis, we propose an improved concept against the invariance weakness of RC4 algorithm. In order to illustrate the property of the proposed concept, we implement RC4 and its variant, which used to generate random sequence as the keystream. We use the NIST Statistical Test Suite to analyze the statistical properties by using different keys. Besides, we calculate the internal state of number of b-conserve to check the improvement the invariance weakness. The result shows that the proposed scheme improve the invariance weak without losing RC4 simple and efficient advantages.