In cryptography, RC4 (also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to insecure protocols such as the obsolete WEP protocol historically used to secure WiFi networks.
Key facts
- Encryption method.name
- RC4
- Encryption method.designers
- Ron Rivest (RSA Security)
- Encryption method.publish date
- Leaked in 1994(designed in 1987)
- Encryption method.key size
- 40– bits
- Encryption method.state size
- bits ( effective)
- Encryption method.rounds
- 1
- Encryption method.speed
- 7 cycles per byte on original PentiumModified Alleged RC4 on Intel Core 2: 13.9 cycles per byte
via Wikipedia infobox
Article
26 sectionsContents
- History
- Description
- Key-scheduling algorithm (KSA)
- Pseudo-random generation algorithm (PRGA)
- RC4-based random number generators
- Implementation
- Test vectors
- Security
- Roos' biases and key reconstruction from permutation
- Biased outputs of the RC4
- Fluhrer, Mantin and Shamir attack
- Klein's attack
- Combinatorial problem
- Royal Holloway attack
- Bar mitzvah attack
- NOMORE attack
- RC4 variants
- RC4A
- VMPC
- RC4<sup>+</sup>
- Spritz
- RC4-based protocols
- See also
- References
- Further reading
- External links
In cryptography, RC4 (also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to insecure protocols such as the obsolete WEP protocol historically used to secure WiFi networks.
There has long been speculation that some state cryptologic agencies may possess the capability to break RC4 when used in the TLS protocol. In response, the IETF published to prohibit the use of RC4 in TLS; Mozilla and Microsoft have issued similar recommendations.