Encryption Basics Using RC4
 

Encryption is one of the most important advances in the history of communication. Before it, all communication was insecure and open to eavesdropping by unauthorized third parties.

Almost all important messages today are protected by encryption to make their transmission safe. A budding security professional needs to know how encryption works and how to implement an encryption algorithm if needed.

A complete discussion of encryption is beyond the scope of this section. To make things easier to understand, we will limit this section to the RC4 encryption scheme, which is used in SSL for HTTP communication and in WEP for 802.11 wireless networks.

The presentation can be downloaded here for viewing.

 

To summarize the above presentation, RC4 contains 3 steps:

1. Initialization (initialize the S array to identity values)
2. Key Scheduling Algorithm (KSA)
3. Pseudo-Random Generation Algorithm (PRGA)

RC4 works on an array of 256 bytes to generate a pseudo-random number sequence, which is used as the keystream to encrypt data. It is very tough to visualize the algorithm with such a large array unless you are Mr. Ron Rivest himself :) (the inventor of RC4). So, for the sake of understanding, we will use an array size of 10 bytes to illustrate the concept.

Please download this code (zip file) before watching the simulation video below.

 

I am sure the simulation has cleared up the concepts. It is advisable to change the values and run the simulation a couple of times to get the hang of things.

Now let's implement a File Encryption program based on what we have learnt so far. Download this code and follow the next video carefully.

 

The File Encryption program discussed above can accept any key size less than 256 bytes. Though the program currently supports strings only, it can be trivially modified to support any hex value. This is left as a simple exercise for the reader.

The File Decryption program for symmetric key encryption is essentially the same as the Encryption program. The reason is quite simple: for a given key (without a salt), the keystream generated will always be the same. The keystream is XORed with the data, and XOR has a simple property:

(A xor B) xor B = A

A = Plain Text
B = Keystream

What that means is that if we run the same File Encryption program, enter the original key used to encrypt the file, and give it the encrypted file as input, then the output file generated will be the same as the original plaintext file. The above video talks about the File Decryption process as well.

In the end we also touch upon the concept of the "Salt". Simply put, the Salt is a couple of bytes which are either prepended or appended to the secret key before generating the encryption keystream. In the case of RC4 the Salt is generally prepended, as in the case of WEP for 802.11 networks.

The presence of the Salt makes sure that the same key will generate a different keystream every time. Of course, the Salt also has to be sent to the receiver so that the receiver can prepend it to the key before generating the keystream to decrypt the file. At first glance one might ask what the use of a salt is if it is going to be revealed during transmission anyway. The answer lies in a more rigorous mathematical analysis of the encryption process, which in the end deduces that even if the salt is revealed it is not "simple" to figure out information about the key.

With this I will end this section. Please send your feedback here.
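The three RC4 steps, the XOR property and the prepended Salt can be seen together in the following sketch. It is an added example, not the downloadable code from this page; the function names and the sample key, salt and message are assumptions made for illustration.

```python
# Added example: RC4 as summarized above (initialization, KSA, PRGA).
# Function names are this example's own, not the page's downloadable code.

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Return `length` keystream bytes for `key`."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key (including any salt) must be 1 to 256 bytes")
    # Step 1: initialize S to the identity permutation 0..255.
    S = list(range(256))
    # Step 2: Key Scheduling Algorithm, which mixes the key into S.
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    # Step 3: Pseudo-Random Generation Algorithm, one byte per iteration.
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)

def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: (A xor B) xor B = A, so one routine does both."""
    keystream = rc4_keystream(key, len(data))
    return bytes(d ^ k for d, k in zip(data, keystream))

def rc4_crypt_salted(salt: bytes, key: bytes, data: bytes) -> bytes:
    """Prepend the salt to the secret key before key scheduling."""
    return rc4_crypt(salt + key, data)

if __name__ == "__main__":
    key, message = b"Key", b"Plaintext"          # constructed sample values
    ciphertext = rc4_crypt(key, message)
    print("no salt :", ciphertext.hex())
    print("decrypt :", rc4_crypt(key, ciphertext))
    for salt in (b"\x01\x02\x03", b"\x01\x02\x04"):  # constructed salts
        salted = rc4_crypt_salted(salt, key, message)
        print("salt", salt.hex(), ":", salted.hex())
        # The receiver prepends the same salt to recover the plaintext.
        assert rc4_crypt_salted(salt, key, salted) == message
```

Running it shows the same key producing the same ciphertext without a salt and a different ciphertext for each salt value.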

 
 
 


©2007 Freak Labs