27

I'm looking for the 'plain English' version of 'bias' as used in the context of the RC4 weakness.

I know that RC4 generates a string of pseudorandom bits over, for instance, http(s) traffic. If you encrypt mostly the same data with this, there is little change in what you're encrypting, and this allows for similarities in your output. So, part of your strings will look the same, and may even be repeating what you've seen before.

Can I use 'similarities in your output' or 'parts of strings that repeat themselves' as a translation for 'bias' in this context, or is there a better explanation?

spoorlezer
  • Have you looked at [this blog post](http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html)? – cpast Jan 12 '15 at 16:47
  • I have, @cpast! I came across it when Googling earlier. My problem with that piece of text is that I don't think using 'the strings are transparent' is something my non-tech readers will understand. I'm trying to write it in as simple English as I can think of, but I haven't quite managed to get it dumbed down enough, I feel. – spoorlezer Jan 12 '15 at 17:10

1 Answer

48

I think explaining the weakness in RC4 to a non-technical audience would be very similar to explaining the role of randomness in crypto to a similar audience.

Let's say I want my army to attack at dawn, so I encrypt the message "attack at dawn," generate a ciphertext c_0, and send it to my army, who then attacks my enemy at dawn. Great.

Next week, I want to attack at dawn again. So I use a different key and encrypt my message "attack at dawn" again, to generate a ciphertext c_1, which I then send to my army. Imagine I do this n times to produce n ciphertexts.

If my enemy can read the messages I send, he will look for patterns (biases) in the messages I send right before my army attacks at dawn. If there is something similar with all these messages (e.g. they all start with a "?" character), my enemy might be able to guess that any message beginning with "?" corresponds to "attack at dawn." However, if you can't find any pattern in the ciphertexts, the enemy learns nothing about your communication.

The weakness in RC4 lies in the fact that the same message encrypted with different keys produces ciphertexts that have common patterns (statistical biases). These are usually much more subtle than beginning with the same character, but the point is the same.

James Evans
  • Hey, dirk5959. I can work with 'common patterns'. I was thinking along the lines of 'preferred combinations of string' but this is way easier and a lot clearer! Thanks, man. – spoorlezer Jan 12 '15 at 17:25
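
The "common pattern" from the answer above can be measured directly. The following is an added example, not part of the original question or answer: it encrypts "attack at dawn" under many fresh random keys and tallies the second ciphertext byte. It relies on the published observation (Mantin and Shamir) that RC4's second keystream byte is zero about twice as often as chance, so the second ciphertext byte equals the second plaintext byte unusually often. The 16-byte key length, trial count, seed and function names are assumptions chosen for the illustration.

```python
import random
from collections import Counter

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Textbook RC4: key scheduling (KSA), then n output bytes (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def rc4_encrypt(key: bytes, message: bytes) -> bytes:
    """XOR the message with the keystream (decryption is the same operation)."""
    return bytes(m ^ k for m, k in zip(message, rc4_keystream(key, len(message))))

def second_byte_counts(message: bytes, trials: int, seed: int = 1) -> Counter:
    """Encrypt the same message under `trials` fresh random 16-byte keys
    (assumed key size) and tally the value of the second ciphertext byte."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    counts = Counter()
    for _ in range(trials):
        key = bytes(rng.getrandbits(8) for _ in range(16))
        # Only the first two bytes are needed for this measurement.
        counts[rc4_encrypt(key, message[:2])[1]] += 1
    return counts

if __name__ == "__main__":
    message, trials = b"attack at dawn", 40000  # constructed sample input
    counts = second_byte_counts(message, trials)
    value, hits = counts.most_common(1)[0]
    print(f"an unbiased cipher would give each value ~{trials / 256:.0f} times")
    print(f"most common second ciphertext byte: {value:#04x}, seen {hits} times")
    print(f"second plaintext byte:              {message[1]:#04x}")
```

With an unbiased cipher every value of that byte would turn up about equally often; here one value stands out even though every key is different, which is the bias in the plain-English sense the answer describes.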