# What is RC4 Encryption? – GeeksforGeeks

### Why Encryption Is Important?

Unauthorized data entree can be prevented by encoding. If we perform encoding then third parties can not have access to data which we plowshare or receive. The encoding is done by using a clandestine key, or we can say that by using a public key and secret key. Both transmitter and recipient are having their populace key and private identify through which encoding of complain text and decoding of ciphertext is performed .

### History of RC4 Encryption

RC4 was designed by Ron Rivest in 1987. He was working under RSA Security. Rivest Cipher 4 is an official identify while it is besides known as Ron ’ sulfur Code. Initially, RC4 was trade wind secret but once it ’ mho code scatter in the public world it was no more a trade secret. While Ron did not reveal the RC4 algorithm until 2014 when he described the history of RC4 in English Wikipedia .

### Applications of RC4

RC4 is used in versatile applications such as WEP from 1997 and WPA from 2003. We besides find applications of RC4 in SSL from 1995 and it is a successor of TLS from 1999. RC4 is used in vary applications because of its simplicity, speed, and simplified execution in both software and hardware.

### Types of RC4

There are respective types of RC4 such as Spritz, RC4A, VMPC, and RC4A .

**SPRITZ:**Spritz can be used to build a cryptographic hash function, a deterministic random bit generator (DRBG), n an encryption algorithm that supports authenticated encryption with associated data (AEAD).**RC4A:**Souraduyti Paul and Bart Preneel have proposed an RC4 variant, which they call RC4A, which is stronger than RC4.**VMPC:**VMPC is another variant of RC4 which stands for Variably Modified Permutation Composition.**RC4A+:**RC4A+ is a modified version of RC4 with a more complex three-phase key schedule which takes about three times as long as RC4 and a more complex output function which performs four additional lookups in the S array for each byte output, taking approximately 1.7 times as long as basic RC4.

### Algorithm

The algorithm operates on a user-selected variable-length key ( K ) of 1 to 256 bytes ( 8 to 2048 bits ), typically between 5 and 16 bytes. To generate a 256-byte state vector S, the overlord key is used.

The first pace is the array low-level formatting. It is a character array of size 256 i.e. S [ 256 ]. After that, for every element of the array, we initialize s [ one ] to i .

Code for array initialization:Char S[256]; int i; for(i=0;i<256;i++) S[i] = i The array will look like - S[] = {0, 1, 2, 3, ------, 254, 255}

After this, we will run the **KSA algorithm-** KSA is going to use the secret key to scramble this align. KSA is a bare iteration, in which we are having two variable one and j. We are using these variables to rearrange the array. Rearranging the array is done by using a hidden key .

Code for KSA (Key Scheduling Algorithm ) :int i, j=0; for(i=0;i<256;i++) { j=( j + S[i] + T[i]) mod 256; Swap(S[i], S[j]); }

KSA has been scrambled, S [ 256 ] range is used to generate the PRGA ( Pseudo Random Generation Algorithm ). This is the actual Keystream .

Code for PRGA ( Pseudo Random Generation Algorithm ):i=j=0; while(true) { i = ( i + 1 ) mod 256; j = ( j + S[i] ) mod 256; Swap( S[i], S[j] ); t = ( S[i] + S[j] ) mod 256 ; k = S[t]; }

This is the following step of scrambling.

Read more: A Few Thoughts on Cryptographic Engineering

### RC4 Block Diagram

### Working of RC4

#### Encryption Procedure

- The user inputs a plain text file and a secret key.
- The encryption engine then generates the keystream by using KSA and PRGA Algorithm.
- This keystream is now XOR with the plain text, this XORing is done byte by byte to produce the encrypted text.
- The encrypted text is then sent to the intended receiver, the intended receiver will then decrypted the text and after decryption, the receiver will get the original plain text.

#### Decryption Procedure

decoding is achieved by doing the same byte-wise X-OR operation on the Ciphertext. **Example: ** Let A be the plain text and B be the keystream ( A xor B ) xor B = A

### Advantages

- RC4 stream ciphers are simple to use.
- The speed of operation in RC4 is fast as compared to other ciphers.
- RC4 stream ciphers are strong in coding and easy to implement.
- RC4 stream ciphers do not require more memory.
- RC4 stream ciphers are implemented on large streams of data.

### Disadvantages

- If RC4 is not used with strong MAC then encryption is vulnerable to a bit-flipping attack.
- RC4 stream ciphers do not provide authentication.
- RC4 algorithm requires additional analysis before including new systems.
- RC4 stream ciphers cannot be implemented on small streams of data.
- RC4 fails to discard the beginning of output keystream or fails to use non-random or related keys for the algorithm.

My Personal Notes

Read more: Ciphertext indistinguishability - Wikipedia

*arrow_drop_up*