From OpenSSLWiki
Jump to navigationJump to search

The RC4 algorithm is a stream cipher developed by Ron Rivest in 1987. RC4 was a trade secret famously leaked in 1994 to the cypherpunks mailing list. A little over a year after RC4 was leaked, Andrew Roos posted a paper to the sci.crypt newsgroup claiming he discovered a weakness in RC4's keystream generation. Specifically, Roo claimed to have found evidence to suggest the concatenated initialization vectors used by the stream cipher were a significant vulnerability. Roo was proven right years later, with the infamous failure of the new (at the time) WEP standard.