What are the RC4 algorithms?

stream cipher
RC4 is a stream cipher and variable length key algorithm. This algorithm encrypts one byte at a time (or larger units on a time).

How does RC4 algorithm work?

RC4 generates a pseudo-random stream of bits (a key-stream). As with any stream cipher, these can be used for encryption by combining it with the plaintext using bit-wise exclusive-or. The permutation is initialized with a variable length key, typically between 40 and 256 bits, using the key-scheduling algorithm (KSA).

What is RC4 key schedule algorithm?

RC4 consists of two parts (described in Figure 1): A key scheduling algorithm KSA which turns a random key (whose typical size is 40-256 bits) into an initial permutation S of f0 ::: N ;1g, and an output generation part PRGA which uses this permutation to generate a pseudo-random output sequence.

Which security technologies use the RC4 encryption?

It’s used in common protocols such as Wired Equivalent Privacy (WEP), a security algorithm for wireless networks, and the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols of HTTPS; in fact, around 50% of all TLS traffic is currently protected using the RC4 algorithm.

Can the RC4 encryption algorithm be attacked?

The RC4 attack applies to all versions of SSL and TLS that support the algorithm. The attack on RC4 is possible because of statistical flaws in the keystream generated by the algorithm that reveals parts of encrypted messages, provided the attacker can obtain enough samples to analyze.

Why is RC4 vulnerable to a bit flipping attack?

Because RC4 is a stream cipher, it is more malleable than common block ciphers. If not used together with a strong message authentication code (MAC), then encryption is vulnerable to a bit-flipping attack. The cipher is also vulnerable to a stream cipher attack if not implemented correctly.

Who is the creator of the RC4 cipher?

RC4 (Rivest Cipher 4) was designed by Ron Rivest of RSA Security back in 1987 and has become the most widely used stream cipher because of its speed and simplicity.

Is there a weakness in the RC4 cipher?

Daniel J. Bernstein, a professor at the University of Illinois at Chicago, presented his research on secret-key cryptosystems this week and the major revelation was a practical attack against a known weakness in RC4 that enables an attacker to compromise a victim’s session with a site protected by TLS.