Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
RC4
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{short description|Stream cipher}} {{About|the stream cipher}} {{Use dmy dates|date=December 2015}} {{Infobox encryption method |name = RC4 |image = |caption = |designers = [[Ron Rivest]] ([[RSA Security]]) |publish date = Leaked in 1994<br/>(designed in 1987) |series = |derived from = |related to = |certification = |key size = 40β{{val|2048}} bits |security claim = |state size = {{val|2064}} bits ({{val|1684}} effective) |structure = |rounds = 1 |speed = 7 cycles per byte on [[Intel P5 (microarchitecture)|original Pentium]]<ref>{{cite conference |author1=P. Prasithsangaree |author2=P. Krishnamurthy |conference=GLOBECOM '03 |publisher=IEEE |year=2003 |title=Analysis of Energy Consumption of RC4 and AES Algorithms in Wireless LANs |url=http://www.sis.pitt.edu/~is3966/group5_paper2.pdf |archive-url=https://web.archive.org/web/20131203082918/http://www.sis.pitt.edu/~is3966/group5_paper2.pdf |archive-date=3 December 2013 |url-status=dead }}</ref><br>Modified Alleged RC4 on Intel Core 2: 13.9 cycles per byte<ref>{{cite web |title=Crypto++ 5.6.0 Benchmarks |url=http://www.cryptopp.com/benchmarks.html |access-date=22 September 2015}}</ref> |cryptanalysis = }} In [[cryptography]], '''RC4''' (Rivest Cipher 4, also known as '''ARC4''' or '''ARCFOUR''', meaning Alleged RC4, see below) is a [[stream cipher]]. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure.<ref name=rfc7465>{{cite IETF |rfc=7465 |author=Andrei Popov |date=February 2015 |title=Prohibiting RC4 Cipher Suites }}</ref><ref>{{cite news |url=http://www.computerworld.com/article/2489395/encryption/microsoft-continues-rc4-encryption-phase-out-plan-with--net-security-updates.html |author=Lucian Constantin |date=14 May 2014 |title=Microsoft continues RC4 encryption phase-out plan with .NET security updates |work=ComputerWorld }}</ref> It is especially vulnerable when the beginning of the output [[keystream]] is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure [[Cryptographic protocol|protocol]]s such as [[Wired Equivalent Privacy|WEP]].<ref>{{citation |page=77 |year=2014 |author1=J. Katz |author2=Y. Lindell |title=Introduction to Modern Cryptography |publisher=Chapman and Hall/CRC}}.</ref> {{As of|2015}}, there is speculation that some state cryptologic agencies may possess the capability to break RC4 when used in the [[Transport Layer Security|TLS protocol]].<ref name=Leyden20130906/> [[IETF]] has published RFC 7465 to prohibit the use of RC4 in TLS;<ref name=rfc7465 /> [[Mozilla]] and [[Microsoft]] have issued similar recommendations.<ref>{{cite web|url=https://wiki.mozilla.org/Security/Server_Side_TLS|title=Mozilla Security Server Side TLS Recommended Configurations|publisher=Mozilla|access-date=2015-01-03}}</ref><ref>{{cite web|url=http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2868725-recommendation-to-disable-rc4.aspx|title=Security Advisory 2868725: Recommendation to disable RC4|date=12 November 2013|publisher=Microsoft|access-date=2013-12-04}}</ref> A number of attempts have been made to strengthen RC4, notably Spritz, RC4A, [[Variably Modified Permutation Composition|VMPC]], and RC4<sup>+</sup>.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)