CS 435 Project (Fall 2009)
Part One: 5 points
Due Day: November 12, 2009
A RC4 state is a 256 bytes states with two 8-bit indices i and j denoted by (S, i, j). The initial RC4 state
is generated by the KSA denoted by (S0, i=0, j=0 ).
An important feature of RC4 which differ from other stream ciphers is that the RC4 state is reversible.
That is, if (S*,i*,j*)=PRGAk(S,i,j) then it has (S,i,j)=IPRGAk(S*,i*,j*) where PRGAk denotes applying
PRGA by k rounds (same for IPRGAk) and IPRGA is the reverse algorithm of PRGA. This nature
means that any former RC4 state can be recovered from later RC4 state by applying IPRGA
corresponding rounds. Write a program to implement the following IPRGA algorithm and verify this
reversible nature of RC4 state.
IPRGA( S , i, j )
Generation loop :
S [i ]  S [ j ]
j  ( j  S [i ]  256) mod 256
i  (i  1  256) mod 256
Figure: IPRGA
Part Two: 15 points
Due Day: December 3, 2009
A RC4 state based secure one to one protocol is as follows.
Suppose A (sender) and B (receiver) posses the same secure key (128 bits), the number of bytes of the
message to be transmitted, the length (bytes) of the packet, and a sequence counter (SC). Initially A and
B set their counters to zero. Each packet has 84 bytes (4 bytes for sequence counter value, 64 bytes for
data and 16 bytes of MAC value):
SC (4 bytes)
Data (64 bytes)
MAC( 16
bytes )
The sender A divides the message into a number of packets, each of which is with a sequence counter
(SC) value in increased order (initially SCA = 0). MAC takes SC and Data as input and generates a
128-bit output. Only message data (64 bytes) and MAC (16 bytes) are encrypted by applying PRGA of
RC4.
1
The receiver B has a corresponding RC4 state Sc and a Sequence Counter (SCB). Initially, Sc = S0 and
SCB = 0. When receiving a new packet, B compares its SC value with the SC value of the packet. If the
difference of coming packet’s SC and B’s SC (SA-SB) is 0, then Sc is used as the input RC4 state to
decrypt the message by applying PRGA of RC4 and then increase the sequence counter by one.
Otherwise, compute new corresponding RC4 state from current Sc by applying numbers of PRGA or
IPRGA, and then use the new corresponding RC4 state to decrypt the message and set the receiver’s
sequence counter value by the SC value of the packet plus 1. B also needs to calculate the MAC
according to the decrypted data and then compare it with the packet’s MAC. If it is not same, B
requests A to resend this packet.
Write two programs (one for sender, another for receiver) to implement the above RC4 state based
protocol. Test your program by a 250 bytes message (4 packets). Suppose:
Case 1: the sequence of the packets received is 1, 2, 3 and 4
Case 2: the sequence of the packet received is 1, 3, 2 and 4
You can use any 250 byte data as the plaintext and ABCDEF0123456789ABCDEF9||your ID number
(9 hexadecimal digits) as the secure key.
You can use RC4 based hash function (see the reference paper) to form the HMAC function to compute
the MAC value.
Note: For the two parts of this project, paper project report and e-copy project report with code are
required. Please send the paper project report to Dr. Zhang, and send the e-copy project report and code
to yu209@cs.uregina.ca by email. Please indicate that it is the CS435 project report at the email
subject.
2