How to Safely Use RC4 as a Stream Cipher

RC4, also known as ARCFOUR or ARC4, is a widely used software stream cipher, a type of symmetric encryption algorithm. It was designed by Rivest for RSA Security in 1987. It is also used in the SSL protocols that protect Internet traffic and in securing wireless networks.

Although RC4 is remarkably fast and simple in software, it is also vulnerable to attacks, especially when the beginning of the output key stream is not discarded. The algorithm was originally a trade secret, but once it was first described on a mailing list it quickly spread to several sites on the Internet. Because the algorithm has been revealed, it is no longer considered a trade secret.

Today the name “RC4” itself is trademarked, which is why the alternative names are used to avoid trademark problems.

Algorithmic Features of RC4

To understand how RC4 works, it helps to look at its algorithm:

  • It uses a variable-length key, from 1 to 256 bytes, to initialize a state table. That table is then used to generate the pseudo-random bytes that form the key stream.
  • Keys were limited to 40 bits because of export restrictions, but a 128-bit key is often used. The algorithm accepts keys ranging from 1 to 2048 bits.
  • The algorithm runs in two phases: key setup and ciphering. Encryption begins with key setup, which is the more involved of the two.

Stream ciphers are typically based on linear feedback shift registers (LFSRs), which are efficient in hardware but much less so in software. RC4 does not use LFSRs, which makes it well suited to software implementation, since it requires only byte manipulation. Note that RC4 is also widely implemented in hardware, because it is very easy to build.

As mentioned above, RC4 is vulnerable to attack and has drawn criticism because it does not meet cryptographers’ standards for a secure stream cipher. If you are building a new application, RC4 is not a good choice.

RC4 differs from modern stream ciphers in that it has no nonce input separate from the key. So when a single long-term key is used to encrypt several streams, the cryptosystem itself must combine the nonce with the long-term key to derive the RC4 key before generating the key stream.
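As an added example (not code from the original article), here is a small Python implementation of the two phases described above together with the two practices the article calls for: discarding the start of the key stream and deriving a distinct per-stream key from the long-term key and a nonce. The hash-based key derivation and the drop length of 3072 bytes are assumptions made for this example.

```python
import hashlib

def rc4_ksa(key: bytes) -> list:
    """Key-setup phase: the variable-length key (1..256 bytes) initialises the
    256-byte state table S as a key-dependent permutation of 0..255."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]  # byte manipulation only, no LFSR
    return S

def rc4_crypt(key: bytes, data: bytes, drop: int = 0) -> bytes:
    """Ciphering phase: XOR data with the key stream generated from the state
    table. The first `drop` key-stream bytes are generated and thrown away,
    which is the "discard the beginning of the key stream" practice."""
    S = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for n in range(drop + len(data)):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        k = S[(S[i] + S[j]) & 0xFF]
        if n >= drop:  # skip the early, biased output bytes
            out.append(data[n - drop] ^ k)
    return bytes(out)

def rc4_message_key(long_term_key: bytes, nonce: bytes) -> bytes:
    """RC4 has no nonce input of its own, so the caller must derive a distinct
    per-stream key from the long-term key and a nonce before key setup.
    Hashing the two together is an assumed choice for this example."""
    return hashlib.sha256(long_term_key + nonce).digest()

if __name__ == "__main__":
    # Constructed sample: one long-term key, two streams with different nonces
    master = b"constructed-long-term-key"
    message = b"same plaintext sent twice"
    for nonce in (bytes(8), bytes(7) + b"\x01"):
        k = rc4_message_key(master, nonce)
        ct = rc4_crypt(k, message, drop=3072)  # 3072 is an assumed drop length
        assert rc4_crypt(k, ct, drop=3072) == message  # decryption round-trips
        print(nonce.hex(), ct.hex())
```

Running it prints two different ciphertexts for the same plaintext, because each stream gets its own derived key.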