Difference between revisions of "RC4"

From OpenSSLWiki
Jump to navigationJump to search
(Added a source for the weaknesses in the WEP protocol)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
The '''RC4''' algorithm is a [[Stream Cipher|stream cipher]] developed by [https://en.wikipedia.org/wiki/Ron_Rivest Ron Rivest] in 1987. [https://en.wikipedia.org/wiki/RC4 RC4] was a trade secret [http://web.archive.org/web/20061024160937/http://cypherpunks.venona.com/date/1994/09/msg00304.html famously leaked] in 1994 to the [https://en.wikipedia.org/wiki/Cypherpunk cypherpunks] mailing list. A little over a year after RC4 was leaked, Andrew Roos posted a [https://netfuture.ch/1995/09/weak-keys-in-rc4/ paper] to the [https://en.wikipedia.org/wiki/Cryptography_newsgroups sci.crypt] newsgroup claiming he discovered a weakness in RC4's keystream generation. Specifically, Roo claimed to have found [https://blog.cryptographyengineering.com/2011/12/15/whats-deal-with-rc4/ evidence to suggest] the concatenated initialization vectors used by the stream cipher were a significant vulnerability. Roo was proven right years later, with the [https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy#Weak_security infamous] [https://eprint.iacr.org/2007/471 failure] of the new (at the time) [https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy WEP] standard.
 +
 
[[Category:Cryptographic Algorithm]]
 
[[Category:Cryptographic Algorithm]]
 
[[Category:Stream Cipher]]
 
[[Category:Stream Cipher]]
[[Category:Private Key Algorithm]]
+
[[Category:Secret Key Algorithm]]
[[Category:Trademark]]
+
[[Category:Legal]]

Latest revision as of 07:13, 29 July 2019

The RC4 algorithm is a stream cipher developed by Ron Rivest in 1987. RC4 was a trade secret famously leaked in 1994 to the cypherpunks mailing list. A little over a year after RC4 was leaked, Andrew Roos posted a paper to the sci.crypt newsgroup claiming he discovered a weakness in RC4's keystream generation. Specifically, Roo claimed to have found evidence to suggest the concatenated initialization vectors used by the stream cipher were a significant vulnerability. Roo was proven right years later, with the infamous failure of the new (at the time) WEP standard.