**RC4 is a symmetric cipher algorithm, which belongs to a sequence cipher (Streamcipher, also known as a stream password) in a symmetric cipher algorithm, which is a variable key length and a stream password oriented to byte operations** .

RC4 is one of the stream cipher Streamcipher, which is a sequence cipher. The RC4 encryption algorithm is a variable-length cryptographic algorithm cluster designed by Ron Rivest in 1987. At first the algorithm was a trade secret, and it was not public until 1994. Because RC4 has the advantages of simple algorithm, fast operation speed and easy implementation of hardware and software, it has been widely used in some protocols and standards.

The **stream password is also a symmetric password, but unlike the packet encryption algorithm, the stream password does not group the plaintext data, but instead uses the key to generate a cipher stream with the same length as the plaintext to encrypt the plaintext, and decrypt the same key** .

RC4 algorithm Features: (1), the algorithm is simple and easy to implement software, fast encryption, high security, (2), the key length variable, generally with 256 bytes.

There are four ways to work with symmetric ciphers: electronic cipher (ECB, electronic codebook), cipher packet chaining (CBC, cipherblock chaining), ciphertext feedback (CFB, cipher-feedback) mode, Output Feedback (OFB, output-feedback) mode.

**the RC4 algorithm uses output feedback to work, so a relatively long key sequence can be generated with a short** key.

The biggest advantage of the OFB approach is that if an error occurs (this means that one of the messages has changed, rather than one of the messages being lost), the error is not passed to the resulting key sequence; The disadvantage is that the insertion attack is sensitive and the requirements for synchronization are high.

The execution speed of the RC4 is quite fast, it is about 5 times times The Block cipher Algorithm DES, is 15 times times the 3DES, and much faster than the Advanced encryption algorithm AES. The RC4 algorithm is simple and easy to implement. RC4 's security guarantee mainly lies in the input key generation path, as long as there is no loophole in this area, the use of 128bit key is very safe.

RC4 algorithm encryption process: including key scheduling algorithm KSA and pseudo-random sub-cipher generation algorithm Prga two parts (with a key length of 256 bytes for example).

Key scheduling algorithm: First initialize the state vector s, the values of elements in vector s are sorted in ascending order from 0 to 255, i.e. s[0]=00, S[1]=1, ..., s[255]=255. At the same time, establish a temporary vector t, if the length of the key K is 256 bytes, the k is assigned to T. Otherwise, if the key length is keylen bytes, the value of K is assigned to the first Keylen element of T, and the value of K is repeated to the remaining elements of T, until all the elements of T are assigned a value. These pre-operations can be summarized as follows:

/* Initialize */

Fori = 0 to 255 do

s[i]= i;

t[i]= k[i MoD Keylen];

Then use T to generate the initial permutation of S, from s[0] to s[255], for each s[i], according to the scheme determined by t[i], to displace the s[i] to another byte in S:

Initial sequence of/*s */

j= 0

Fori = 0 to 255 do

J= (j + s[i] + t[i]) mod 256

Swap (s[i],s[j]);

Because the operation of S is only an exchange, the only change is the change in order. s still contains all elements from 0 to 255, in the process of initialization, the key function is to disturb the S-box, the variable i in the code ensures that each element of the S-box is processed, and the variable J guarantees that the S-box is randomly disturbed. So different s-box can get different sub-key sequences after the pseudo-random codon generation algorithm, and the sequence is random.

Pseudo-Random sequence generation algorithm: Once the vector s is initialized, the input key is no longer used. The key stream is generated from s[0] to s[255], for each s[i], and the other byte in the S is replaced by the value of the current S, S[i]. When s[255] completes the permutation, the operation continues to repeat, starting with s[0]:

/* Key Stream Generation */

i,j = 0;

while (true)

i= (i + 1) mod 256;

J= (j + s[i]) mod 256;

Swap (s[i],s[j]);

T= (S[i] + s[j]) mod 256;

k= S[t]

Once the pseudo-random sequence is generated, the sub-cipher sub_k is obtained, and the key and plaintext are different or calculated, and the ciphertext is obtained. The decryption process is exactly the same. In encryption, only the value of K is the same as the next plaintext byte, or in the contrary, the value of K is different from the next one or the plaintext information can be restored. The algorithm is described as:

for (i = 0; i < textlength; i + +)

ciphertext[i]= Keystream[i] ^ plaintext[i]

RC4 algorithm has the problem: because the RC4 algorithm has the advantages of simple implementation, fast encryption, low cost of hardware resources, making it into the ranks of the lightweight encryption algorithm. But its simple algorithm structure is also prone to be cracked attack, the RC4 algorithm's encryption strength depends entirely on the key, namely pseudo-random sequence generation, and the real random sequence is impossible to achieve, only pseudo-random. This inevitably occurs when the key is duplicated. The RC4 algorithm, whether encrypted or decrypted, only makes an XOR operation, which means that once the sub-key sequence repeats, the ciphertext is most likely to be cracked.

The specific cracking process is as follows: Jomingwen, the key is any long byte, you can use the Coincident code counting method (counting coincidence) to find the key length. The ciphertext is shifted in various bytes, and the original ciphertext is different or calculated, and the same bytes are counted. If the displacement is a multiple of the key length, then more than 60% of the bytes will be the same, and if not, then only 0.4% of the bytes are the same, which is called the coincident Exponent (index of coincidence). Finds the minimum displacement of the key length multiplier, moves to the ciphertext at this length, and is different from itself. Because the plaintext has 1.3 bits of actual information per byte, there is sufficient redundancy to determine the decryption of the displacements. For all keys, the first few bytes of the output key stream are not random, so it is very likely that the key information will be compromised. If a long-used key is concatenated with a random number to generate the RC4 algorithm key, the long-running key can be obtained by analyzing a large number of ciphertext encrypted by the key. The solution to this problem is to discard the first part of the key stream data.

Rc4is a stream cipher with variable key length. Typically, (+ byte) keys is used for strong encryption, Butshorter insecure key sizes has been widely used due To export restrictions.

1. Rc4_set_key:sets up theb<rc4_key> b<key> using the b<len> bytes long key atb<data>.

2. Rc4:encrypts or decrypts the b<len>bytes of data at b<indata> using b<key> and places the Resul t Atb<outdata>. Repeated RC4 () Callswith the same b<key> yield a continuous key stream. Since RC4 is a streamcipher (the input was xored with a pseudo-random key stream to produce theoutput), decryption uses the Same function calls as encryption.

Here is the test code:

Cryptotest.h:

#ifndef _cryptotest_h_#define _cryptotest_h_#include <string>using namespace std;typedef enum {general = 0,ECB, Cbc,cfb,ofb,triple_ecb,triple_cbc}crypto_mode;string des_encrypt (const string cleartext, const string key, Crypto_ mode mode); string des_decrypt (const string ciphertext, const string key, Crypto_mode mode); string Rc4_encrypt (const Strin G cleartext, const string key); string Rc4_decrypt (const string ciphertext, const string key); #endif//_cryptotest_h_

Rc4test.cpp:

#include "stdafx.h" #include <iostream> #include <string> #include <vector> #include <openssl/ rc4.h> #include "cryptotest.h" using namespace std;string rc4_encrypt (const string cleartext, const string key) {rc4_ KEY rc4key;unsigned char* tmp = new unsigned char[cleartext.length () + 1];memset (tmp, 0, Cleartext.length () + 1); Rc4_set_key (&rc4key, Key.length (), (const unsigned char*) key.c_str ()); RC4 (&rc4key, Cleartext.length (), (const unsigned char*) CLEARTEXT.C_STR (), TMP); string str = (char*) tmp;delete [] tmp ; return str;} String Rc4_decrypt (const string ciphertext, const string key) {Rc4_key rc4key;unsigned char* tmp = new unsigned char[cipher Text.length () + 1];memset (tmp, 0, Ciphertext.length () + 1); Rc4_set_key (&rc4key, Key.length (), (const unsigned char*) key.c_str ()); RC4 (&rc4key, Ciphertext.length (), (const unsigned char*) CIPHERTEXT.C_STR (), TMP); string str = (char*) Tmp;delete [] Tmp;return str;}

Main.cpp:

#include "stdafx.h" #include "cryptotest.h" #include "TestMemory.h" #include <iostream> #include <string> Using namespace Std;void Test_rc4 () {String cleartext = "Beijing, China 12345$abcde%[email protected]!!! "; String ciphertext =" "; string key =" BEIJINGCHINA1234567890ABCDEFGH!!! "; ciphertext = Rc4_encrypt (cleartext, key); string decrypt = Rc4_decrypt (ciphertext, key);cout<< "src cleartext:" <<cleartext<<endl;cout<< "Genarate ciphertext:" <<ciphertext<<endl;cout<< "src Ciphertext: "<<ciphertext<<endl;cout<<" genarate cleartext: "<<decrypt<<endl;if ( strcmp (Cleartext.c_str (), decrypt.c_str ()) = = 0) cout<< "RC4 crypto OK!!!" <<endl;elsecout<< "RC4 Crypto Error!!!" <<endl;}

RC4 Theory Reference: "Research on lightweight encryption algorithm and implementation technology in RFID"

RC4 Introduction to the

Symmetric encryption algorithm and examples of RC4 commonly used functions in OpenSSL