OverviewIn RC4, the first 256 steps use the key to perform a transposition on an array of the bytes from 0 to 255. Ideally, a random key should result in a random distribution. However, the resulting distribution is far from random. The above applet is running RC4 many times with different, random, 16-byte keys. The TOTAL at the bottom tells how many runs have occurred so far. The image shows the statistics that have been selected. The color of a pixel at position (X,Y) shows the probability that at the end of the initialization, the byte X will end up at position Y (where the origin is in the upper-left corner). Ideally, the entire image should be a uniform color. Note that the bottom row of pixels is a uniform color. This means that all 256 values are equally likely to end up in the last element of the array. This true, because the last step of the initialization is to swap a randomly-chosen element of the array with the last element. (It's randomly-chosen because the bytes in the key are random). Click on any row to move the white line there, to see a graph of the distribution for that element in the final array.Note that there are L shaped patterns visible near the top. These are due to the key being shorter than 256 bytes. If the key is 256 bytes long, these dissappear. Note that they fade and are less visible lower in the image, meaning that the later element in the array are less affected by the key length. Thes are known problems with RC4. The standard fix is to discard the first 256 bytes of the stream that RC4 generates. With this fix, the above image would appear completely uniform. |