RC4

This article is about the stream cipher. For other uses, see RC4 (disambiguation).

RC4
General
DesignersRon Rivest (RSA Security)
First publishedLeaked in 1994
(designed in 1987)
Cipher detail
Key sizes40–2048 bits
State size2064 bits (1684 effective)
Rounds1
Speed7 cycles per byte on original Pentium[1]
Modified Alleged RC4 on Intel Core 2: 13.9 cycles per byte[2]

In cryptography, RC4 (Rivest Cipher 4, also known as ARC4 or ARCFOUR, meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure.[3][4] It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.[5]

As of 2015, there is speculation that some state cryptologic agencies may possess the capability to break RC4 when used in the TLS protocol.[6] IETF has published RFC 7465 to prohibit the use of RC4 in TLS;[3] Mozilla and Microsoft have issued similar recommendations.[7][8]

A number of attempts have been made to strengthen RC4, notably Spritz, RC4A, VMPC, and RC4+.

  1. ^ P. Prasithsangaree; P. Krishnamurthy (2003). Analysis of Energy Consumption of RC4 and AES Algorithms in Wireless LANs (PDF). GLOBECOM '03. IEEE. Archived from the original (PDF) on 3 December 2013.
  2. ^ "Crypto++ 5.6.0 Benchmarks". Retrieved 22 September 2015.
  3. ^ a b Andrei Popov (February 2015). Prohibiting RC4 Cipher Suites. doi:10.17487/RFC7465. RFC 7465.
  4. ^ Lucian Constantin (14 May 2014). "Microsoft continues RC4 encryption phase-out plan with .NET security updates". ComputerWorld.
  5. ^ J. Katz; Y. Lindell (2014), Introduction to Modern Cryptography, Chapman and Hall/CRC, p. 77.
  6. ^ Cite error: The named reference Leyden20130906 was invoked but never defined (see the help page).
  7. ^ "Mozilla Security Server Side TLS Recommended Configurations". Mozilla. Retrieved 3 January 2015.
  8. ^ "Security Advisory 2868725: Recommendation to disable RC4". Microsoft. 12 November 2013. Retrieved 4 December 2013.