Abstract

In 2005, Gong proposed an RC4-like stream cipher capable of fast operation on a 32/64-bit processor. This stream cipher solved the RC4 problem of difficult 32/64-bit processing, a problem once thought impossible to solve. Operation of the cipher on 32- and 64-bit processors is about 3.1 and 6.2 times as fast, respectively, as that of the RC4 cipher. However, we have found a considerable bias in the output sequence of the RC4-like stream cipher. Using the bias along with the first two words of a keystream associated with approximately 2 <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">30</sup> secret keys allows us to build a distinguisher.