1. [1] T. Ohigashi, T. Isobe, Y. Watanabe, and M. Morii, “How to recover full plaintext from only ciphertexts on broadcast RC4,” Proc. SCIS 2013, p.8, CD-ROM, 2013.

2. [2] T. Isobe, T. Ohigashi, Y. Watanabe, and M. Morii, “Full plaintext recovery attack on broadcast RC4,” Proc. FSE 2013, Lect. Notes Comput. Sci. 8424, pp.179-202, Springer-Verlag, 2014.

3. [3] T. Ohigashi, T. Isobe, Y. Watanabe, and M. Morii, “How to recover any byte of plaintext on RC4,” Proc. SAC 2013, Lect. Notes Comput. Sci. 8282, pp.155-173, Springer-Verlag, 2014.

4. [4] J. Dj. Golic, “Linear statistical weakness of alleged RC4 keystream generator,” Proc. EUROCRYPT '97, Lect. Notes Comput. Sci. 1233, pp.226-238, Springer-Verlag, 1997.

5. [5] S.R. Fluhrer and D.A. McGrew, “Statistical analysis of the alleged RC4 keystream generator,” Proc. FSE 2000, Lect. Notes Comput. Sci. 1978, pp.19-30, Springer-Verlag, 2001.