RC4 Encryption AlgorithmRC4 encryption algorithm is the number one in the famous RSA trio Ron Rivest designed a variable-length stream encryption algorithm cluster in 1987. It is called a cluster, because its core part of the S-box length can be arbitrary, but generally 256 bytes. The speed of the algorithm can reach about 10 times times of DES encryption, and it has a high level of nonlinearity. RC4 was originally used to protect trade secrets. But in September 1994, its algorithms were posted on the Internet, and there was no more trade secrets. RC4 is also called ARC4 (alleged rc4--so-called RC4), because RSA has never formally published this algorithm.principleThe principle of RC4 algorithm is very simple, including two parts: initialization algorithm (KSA) and pseudo-random codon generation algorithm (Prga). Suppose the length of the S-box is 256 and the key length is Len. First look at the initialization of the algorithm (denoted by the C code): wherein, the parameter 1 is a 256-length char array, defined as: unsigned char sbox[256]; parameter 2 is a key, its contents can be arbitrarily defined: char key[256]; parameter 3 is the length of the key, Len = strlen (key), void Rc4_init (unsigned char *s, unsigned char *key, unsigned long Len) {int I =0, j = 0, k[256] = {0};uns igned char tmp = 0;for (i=0;i<256;i++) {S[i]=i;k[i]=key[i%len];} for (i=0; i<256; i++) {j= (j+s[i]+k[i])%256;tmp = s[i];s[i] = s[j]; //interchange s[i] and s[j]s[j] = tmp;}} During initialization, the main function of the key is to disturb the s-box, I ensure that each element of the S-box is processed, and J guarantees that the S-box is randomly disturbed. The different s-box can get different sub-key sequences after the pseudo-random codon generation algorithm, and the XOR operation between S-box and plaintext is obtained, and the decryption process is identical. Then take a look at the encryption part of the algorithm (denoted by C code): wherein, the parameter 1 is the upper Rc4_init function, the s-box is disturbed; parameter 2 is data that needs to be encrypted, and parameter 3 is the length of the database. void Rc4_crypt (unsigned char *s, unsigned char *data, unsigned long Len) {int x = 0, y = 0, t = 0, i = 0;unsigned char tmp;for (i=0;i<len;i++) {x= (x+1)%256 ; y= (y+s[x])%256;tmp = s[x];s[x] = s[y]; //interchange s[x] and s[y]s[y] = tmp;t= (S[x]+s[y])%256;Data[i] ^= s[ T];}} Finally, in the main function, the order of the calls is as follows: VOID Main () {unsigned char s[256] = {0};//s-boxchar key[256] = {"Just for test"};char pdata[512] = "This is an encrypted data"; ULONG len = strlen (pData);p rintf ("PData =%s\n", pData);p rintf ("key =%s, length =%d\n", Key,strlen (key)); Rc4_init (s), ( unsigned char *) Key,strlen (key));//Initialize Rc4_crypt (s, (unsigned char *) pdata,len);//Encryption printf ("PData =%s\n\n", pData); RC4 _crypt (S, (unsigned char *) pdata,len);//Decrypt printf ("PData =%s\n\n", pData);} So the final complete program is://program started #include<stdio.h> #include <string.h>typedef unsigned long ulong;void rc4_init (unsigned Char *s, unsigned char *key, unsigned long Len)//initialization function {int I =0, j = 0;char k[256] = {0};unsigned char tmp = 0;for (i=0;i& lt;256;i++) {S[i]=i;k[i]=key[i%len];} for (i=0; i<256; i++) {j= (j+s[i]+k[i])%256;tmp = s[i];s[i] = S[j];//interchange S[i] and s[j]s[j] = tmp;}} void Rc4_crypt (unsigned char *s, unsigned char *data, unsigned long Len)//Add decryption {int i = 0, j = 0, t = 0;unsigned long k = 0 ; unsigned char tmp;for (k=0;k<len;k++) {i= (i+1)%256;j= (j+s[i])%256;tmp = s[i];s[i] = s[j]; Exchange S[x] and s[y]s[j] = tmp;t= (S[i]+s[j])%256;data[k] ^= s[t];}} void Main () {unsigned char s[256] = {0},s2[256] = {0}; //s-boxchar key[256] = {"Just for test"};char pdata[512 ] = "This is a data for encryption"; ULONG len = strlen (pData);p rintf ("PData =%s\n", pData);p rintf ("key =%s, length =%d\n\n", Key,strlen (key)); Rc4_init (s), ( unsigned char *) Key,strlen (key)); //has completed initializing printf ("Complete the initialization of s[i], as follows: \ n"); for (int i=0; i<256; i++) { printf ("%-3d", S[i]);} printf ("\ n"); for (i=0;i<256;i++)//with S2[i] temporarily retains the initialized s[i], very important!!! {s2[i]=s[i];} printf ("Already initialized, now encrypted: \ n"); Rc4_crypt (S, (unsigned char *) pdata,len);//Cryptographic printf ("PData =%s\n\n", pData);p rintf ("already encrypted, Now decrypt: \ n "); Rc4_init (S, (unsigned char *) key, strlen (key)); //initialize key rc4_crypt (S2, (unsigned char *) PData, len);//Decrypt printf ("PData =%s\n\n", pData);} Program finishedVulnerabilityBecause the RC4 algorithm encryption is the XOR, so, once the sub-key sequence has been duplicated, ciphertext can be cracked. For more information on how to hack XOR encryption, please see the 1.4 Simple XOR in Applied cryptography of Bruce Schneier, which I will not dwell on. So, does the RC4 algorithm generate a sub-key sequence that repeats itself? Because there is a partial weak key, so that the sub-key sequence in less than 1 million bytes of complete duplication, if it is partially repeated, it may occur in less than 100,000 bytes can be duplicated, so it is recommended that when using the RC4 algorithm, the encryption key must be tested to determine whether it is a weak key. Its shortcomings are mainly reflected in the wireless network in the IV (initialization vector) invariance vulnerability. Moreover, according to the current analysis results, no analysis for the key length of 128-bit RC4 effective, so, RC4 is one of the most secure encryption algorithm, you can rest assured that use!
RC4 encryption and decryption algorithm principle and complete source code example demonstration