The RC4 Algorithm

Network Security

1
The RC4 Algorithm
• RC4 is a stream cipher
designed in 1987 by
Ron Rivest for RSA
Security.
• It is a variable key-size
stream cipher with
byte-oriented
operations.

2
The RC4 Algorithm
• RC4 is used in the
Secure Sockets
Layer/Transport Layer
Security (SSL/TLS)
standards that have
been defined for
communication
between Web
browsers and servers.

3
The RC4 Algorithm
• Also used in the Wired
Equivalent Privacy
(WEP) protocol and
the newer WiFi
Protected Access
(WPA) protocol that
are part of the IEEE
802.11 wireless LAN
standard.

4
 The RC4 Algorithm
A generic
view

5
 The RC4 Algorithm
• The RC4 algorithm is
remarkably simple.
• A variable-length key
of from 1 to 256 bytes
Secret Key (8 to 2048 bits) is used
to initialize a 256-byte
state vector S, with
RC4
elements S[0],
S[1], . . . , S[255].
Keystream

Encrypted
Plain Text + Text
6
The RC4 Algorithm
• For encryption and
decryption, a byte k is
generated from S by
selecting one of the
255 entries in a
systematic fashion.
• As each value of k is
generated, the entries
in S are once again
permuted.

7
 RC4 …Inside
• Consists of 2 parts:
– Key Scheduling Algorithm (KSA)
– Pseudo-Random Generation
Algorithm (PRGA)

• KSA
– Generate State array KSA
• PRGA on the KSA PRGA
– Generate keystream
– XOR keystream with the
data to generated
encrypted stream
 The KSA

• Use the secret key to initialize and permutation of state

vector S, done in two steps
• Use 8-bit index pointers i and j

1 2

[S], S is set equal to the values from 0 to 255

S[0]=0, S[1]=1,…, S[255]=255
• Use T to produce initial permutation of S
[T], A temporary vector • The only operation on S is a swap;
[K], Array of bytes of secret key S still contains number from 0 to 255

After KSA, the input key and the temporary vector T will be no longer used
 The PRGA

• Generate key stream k , one by one

• XOR S[k] with next byte of message to encrypt/decrypt

i = j = 0;
While (more_byte_to_encrypt)
i = (i + 1) (mod 256);
j = (j + S[i]) (mod 256);
swap(S[i], S[j]);
k = (S[i] + S[j]) (mod 256);
Ci = Mi XOR S[k];

Sum of shuffled pair selects "stream key" value

from permutation
 RC4 Lookup Stage
• The output byte is selected by looking up the values of S[i] and S[j], adding
them together modulo 256, and then looking up the sum in S
• S [S[i] + S[j]] is used as a byte of the key stream, K

i = j = 0;
While (more_byte_to_encrypt)
i = (i + 1) (mod 256);
j = (j + S[i]) (mod 256);
swap(S[i], S[j]);
k = (S[i] + S[j]) (mod 256);
http://en.wikipedia.org/wiki/File:RC4.svg Ci = Mi XOR S[k];
Detailed Diagram
Overall Operation of RC4
 The RC4 Algorithm

• To encrypt, XOR the value k with the next byte

of plaintext.
• To decrypt, XOR the value k with the next byte
of ciphertext.

14
The RC4 Algorithm
Strength of RC4:
• A number of papers
have been published
analyzing methods of
attacking RC4.
• None of these
approaches is
practical against RC4
with a reasonable key
length, such as 128
bits.
15