designed by RSA Data Security, Inc.
which can accept keys
of arbitrary length, and is essentially a pseudo random number generator
with the output of the generator being XOR
ed with the data stream to produce the encrypted data. For this reason, it is very important that the same RC4 key never be used to encrypt two different data streams. The encryption mechanism used to be a trade secret, until someone posted source code for an algorithm
onto Usenet News
, claiming it to be equivalent to RC4. The algorithm is very fast, its security is unknown, but breaking it does not seem trivial either. There is very strong evidence that the posted algorithm is indeed equivalent to RC4.
The United States government routinely approves RC4 with 40-bit keys for export. Keys this small can be easily broken by governments, criminals, and amateurs. The exportable version of Netscape
's Secure Socket Layer
, which uses RC4-40, was broken by at least two independent groups. Breaking it took about eight days; in many universities or companies the same computing power is available to any computer science student.
See also Damien Doligez's SSL cracking page (http://pauillac.inria.fr/~doligez/ssl/), RC4 Source and Information (http://cs.hut.fi/crypto/rc4), SSLeay (http://cs.hut.fi/crypto/software.html#ssleay), Crypto++ (http://cs.hut.fi/crypto/software.html#crypto++), Ssh (http://cs.hut.fi/crypto/software.html#ssh), A collection of articles (http://cs.hut.fi/crypto/rc4-breaking).