(redirected from RC4 Cipher)


A cipher designed by RSA Data Security, Inc. which can accept keys of arbitrary length, and is essentially a pseudo random number generator with the output of the generator being XORed with the data stream to produce the encrypted data. For this reason, it is very important that the same RC4 key never be used to encrypt two different data streams. The encryption mechanism used to be a trade secret, until someone posted source code for an algorithm onto Usenet News, claiming it to be equivalent to RC4. The algorithm is very fast, its security is unknown, but breaking it does not seem trivial either. There is very strong evidence that the posted algorithm is indeed equivalent to RC4.

The United States government routinely approves RC4 with 40-bit keys for export. Keys this small can be easily broken by governments, criminals, and amateurs. The exportable version of Netscape's Secure Socket Layer, which uses RC4-40, was broken by at least two independent groups. Breaking it took about eight days; in many universities or companies the same computing power is available to any computer science student.

See also Damien Doligez's SSL cracking page, RC4 Source and Information, SSLeay, Crypto++, Ssh, A collection of articles.
This article is provided by FOLDOC - Free Online Dictionary of Computing (foldoc.org)

RC algorithms

(Ron's Code or Rivest's Cipher algorithms) A family of secret-key cryptographic algorithms from RSA Security, Inc., Bedford, MA (www.rsa.com). Although RSA (formerly RSA Data Security and acquired by EMC in 2006) is widely known for its public key methods, its secret key algorithms are also widely used. Ronald Rivest is the "R" in RSA.

Designed as a replacement for DES, RC2 uses a variable key and the block cipher method. RC4 uses a variable key and stream cipher method. Both RC5 and RC6 are block ciphers with variable keys up to 2,040 bits. RC6, designed by Rivest and others, uses integer multiplication for improved performance. RC6 was created to conform to the AES standard and was a finalist in the competition for the AES algorithm. See RSA, EMC, AES and DES.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive ?
One of the other objectives of this study was to know the awareness level of the System Administrators, IT Managers and IT Administrators in the financial sector in Sri Lanka, about the RC4 cipher vulnerabilities in SSL.
The other is to disable RC4 Cipher Suit in the SSL configuration of the web server [8].
The aim of the survey was the identify the background knowledge and awareness of the IT-Security Admins and Managers of Sri Lanka Banks, about the RC4 cipher vulnerabilities in SSL/TLS.
However, the RC4 cipher shows some weaknesses, including correlation problems between the publicly known outputs of the internal state.
Several weaknesses have been identified in the RC4 cipher. Some of these can be solved easily, but others are critical because they can be exploited by attackers.
The plaintext is encrypted using the classic RC4 cipher followed by re-encrypting by Vigenere, which results in increased time of execution.
The RC4 cipher system is an important encryption algorithm that can be used to protect the information on various communication networks as its implementation is simpler, and its cryptographic function is faster than that of AES.
[15] Kadry, S., Smaili, M.: An Improvement of RC4 Cipher Using Vigenere Cipher.
The RC4 cipher dates all the way back to 1987 and it's about as reliable as a car from the same year.
The most significant 16-byte data of the final MD5 output in step 3 are used as an encryption key of RC4 cipher. 5.
They also suggested RC4 cipher with two states as enhancement for RC4 to resolve the attachment problem between public recognized outputs of the inner state using commutation between State1 and State2.
Example of stream ciphers are RC4 ciphers and one time pad ciphers.