Optimization of the Security-Performance Tradeoff in RC4 Encryption Algorithm

Abstract

In this paper, we have investigated different vulnerabilities in RC4 and its enhanced variants to overcome the security attacks. It is established that in spite of several proposals, RC4 is not secure enough and a trade-off is always sought between security and network performance for overall provisioning of the secure communication. The main goal of the work presented in this paper is the optimization of security-performance tradeoff. We have proposed three RC4 variants referred to as RC4-M1, RC4-M2 and RC4-M3. Security of the proposed schemes is analyzed in terms of randomness and computational complexity. All the proposed variants qualify the NIST statistical test suite of randomness satisfactorily. The proposed schemes also offer computational complexity in terms of greater number of operations relative to the existing variants. The strength of the proposed schemes has been analyzed against different cryptanalytic attempts and shown the resistance of proposed schemes against attacks. The security-performance tradeoff has been analyzed in terms of run time, CPU cycles consumed, energy cost, and throughput. Encryption time of the proposed schemes--RC4-M1, RC4-M2 and RC4-M3 is 30.1, 10 and 48.7 % less as compared to RC4+ respectively. The results clearly indicate that the computation load of the proposed variants is significantly reduced as compared to the RC4+, concluding that the proposed schemes are computationally efficient. Our results and their analysis also recognize the suitability of the security algorithms for particular application areas.