Advanced Cyber Security

Resources / IT Security Resources Part4 /

RC4

RC4 Encryption cipher is a very popular and used in many software.

It is a software stream cipher that is often used.

It's also known by the names of ARC4 or ARCFOUR (Alleged RC4).

This prevalent cipher has a wide range of applications, and its particularly paired up with widely used protocols such as SSL or Secure Sockets Layer for Internet traffic protection as well as WEP for the sake of safeguarding wireless networks from the evils of malware and cyber crime.

Although its quite renowned for its speed in software and its simplicity in use, RC4 isnt perfect by any stretch of the imagination.

It also suffers from shortcomings and susceptibilities that make administrators wary about using it in newer, more complicated systems.

More to the point, whenever nonrandom or interconnected keys are used with the cipher, or whenever the start of the output key stream isnt discarded, RC4 is especially vulnerable to cracking.

RC6

There are ways of utilizing RC4 that can result to open and weak crypto systems, such as its dubious applications with WEP.

Ron Rivest of RSA Security (one of the three people who figured out the RSA algorithm and revealed its secrets to the general public) was the one who designed RC4 way back in 1987.

Officially, the acronym "RC4" stands for "Rivest Cipher 4", but unofficially, its believed to be termed as "Rons Code", because Rivest also made block cipher codes such as RC2, RC5, and RC6.

At first a trade secret, RC4s description was published on the Cypherpunks mailing list back in September 1994 by an anonymous source.

The post eventually found its way to the sci.crypt newsgroup, which then led to it going viral, its secrets revealed in a variety of sites within the early nineties Internet.

Algorithm

The exposed code was established to be real because its output was proven to match that of propriety applications that made use of the licensed RC4 as its protection cipher of sorts.

Ever since the algorithm was leaked, it was no longer considered a trade secret.

Furthermore, because the name "RC4" remains a trademarked brand, the cipher has been alternatively called ARC4 (Alleged RC4) and ARCFOUR to avoid any trademark disputes.

Rivest himself, ironically enough, has linked the English Wikipedia article describing RC4 in his course notes even though his company, RCA Security, has never formally and legitimately released the algorithm to the general public.

Ever since it was exposed and even before that, RC4 had become a staple of IT security.

RC4 Stream Key

It has become part of typically used encryption standards, with applications extending to TLS, WPA for wireless cards, and WEP.

Nevertheless, its main claims to fame are its quickness and straightforwardness.

There are few algorithms out there that can beat RC4s ease of use, efficiency, and intuitiveness when implemented on both hardware and software.

When compared to modern stream ciphers like eSTREAM, RC4 doesn't take an individual nonce next to the key.

Its the crypto system that defines how to merge the long-term key and the nonce to produce RC4's stream key.

Pricing Click Here ->

Buy from a VAR or VAD Click Here ->

Get a Free Vulnerability Scan Click Here ->


Ingenco2 Trustmark SecPoint Trustpilot Emaerket

➤ Related Pages

802.11 Protocol
CSRF
DDoS
DLP
Ethical Hacker
IPX
NetBEUI
OSI
OpenBSD
RC4
RSA
SEO Check links
SOX
TCP/IP
The Sarbanes-Oxley Act of 2002
UTM Appliance Review
Vulnerability Testing Appliance
WPA Handshake
WPA2
WPA2 Password Handshake
Web Scan
What is Bandwidth Management ?
Wireless Access Point