Editing RC4 (section)

==History==
RC4 was designed by [[Ron Rivest]] of [[RSA Security]] in 1987. While it is officially termed "Rivest Cipher 4", the RC acronym is alternatively understood to stand for "Ron's Code"<ref>{{cite web| url = http://people.csail.mit.edu/rivest/faq.html#Ron| title = Rivest FAQ}}</ref> (see also [[RC2]], [[RC5]] and [[RC6]]).

RC4 was initially a [[trade secret]], but in September 1994, a description of it was anonymously posted to the [[Cypherpunk]]s mailing list.<ref>{{cite mailing list|url=http://cypherpunks.venona.com/date/1994/09/msg00304.html |title=Thank you Bob Anderson |date=9 September 1994 |access-date=2007-05-28 |mailing-list=[[Cypherpunk]]s |url-status=dead |archive-url=https://web.archive.org/web/20010722163902/http://cypherpunks.venona.com/date/1994/09/msg00304.html |archive-date=22 July 2001 }}</ref> It was soon posted on the [[sci.crypt]] [[newsgroup]], where it was [[Distinguishing attack|broken]] within days by [[Robert John Jenkins Junior|Bob Jenkins]].<ref>{{cite newsgroup
| author = Bob Jenkins
| title = Re: RC4 ?
| date = 1994-09-15
| newsgroup = sci.crypt
| message-id = 359qjg$55v$1@mhadg.production.compuserve.com
| url = https://groups.google.com/d/msg/sci.crypt/JsO3xEATGFA/-wO4ttv7BCYJ
}}</ref> From there, it spread to many sites on the Internet. The leaked code was confirmed to be genuine, as its output was found to match that of proprietary software using licensed RC4. Because the algorithm is known, it is no longer a trade secret. The name ''RC4'' is trademarked, so RC4 is often referred to as ''ARCFOUR'' or ''ARC4'' (meaning ''alleged RC4'')<ref>{{cite web|title=Manual Pages: arc4random|url=https://man.openbsd.org/OpenBSD-5.4/arc4random.3|access-date=2 February 2018|date=5 June 2013}}</ref> to avoid trademark problems. [[RSA Security]] has never officially released the algorithm; Rivest has, however, linked to the [[English Wikipedia]] article on RC4 in his own course notes in 2008<ref>{{cite web| url = http://courses.csail.mit.edu/6.857/2008/lecture.html| title = 6.857 Computer and Network Security Spring 2008: Lectures and Handouts}}</ref> and confirmed the history of RC4 and its code in a 2014 paper by him.<ref name="Rivest2014"/>

RC4 became part of some commonly used encryption protocols and standards, such as [[Wired Equivalent Privacy|WEP]] in 1997 and [[Wi-Fi Protected Access|WPA]] in 2003/2004 for wireless cards; and [[Secure Sockets Layer|SSL]] in 1995 and its successor [[Transport Layer Security|TLS]] in 1999, until it was prohibited for all versions of TLS by RFC 7465 in 2015, due to the [[Transport Layer Security#RC4 attacks|RC4 attacks]] weakening or breaking RC4 used in SSL/TLS. The main factors in RC4's success over such a wide range of applications have been its speed and simplicity: efficient implementations in both software and hardware were very easy to develop.