RC4 Encryption

RC4 is an encryption algorithm.  It is used in WEP and WPA, which are encryption protocols commonly used on wireless routers and also in BitTorrent protocols encryption. Remote Desktop Protocol  ,secure shell and Kerberos , RC4 is one of multiple codes the system can be configured to use. The way RC4 works was a secret until its code was leaked onto the internet in 1994.

RC4’s simplicity and speed were what made it so widely used.

How it works :

To begin the process of RC4 encryption, you will need a key, which is often defined by the user and between 40-bits and 256-bits.

A 40 bit character = 5 character ASCII code

For example the ASCII key “rah12” = 0111001001100001010010000011000100110010 in binary

The key-scheduling algorithm (KSA), listed below (from Wikipedia).

for i from 0 to 255
    S[i] := i
j := 0
for i from 0 to 255
    j := (j + S[i] + key[i mod keylength]) mod 256
    swap values of S[i] and S[j]
  • KSA creates an array S that contains 256 entries with the digits 0 through 255


  • j = [(j + S(i) + key[i mod keylength]) mod 256]
  1. Each of the 256 entries in S are  swapped with the j-th entry in S,
  2. which is calculated to be where j is the previous j value (which is initially zero)
  3. S[i] is the value of the current entry in S.
  4. key[i mod keylength] can either be zero or  one.

For example, if we are at the 54th entry in S and the keylength was 40-bit, then 54 mod 40 = 14.

The 15th element (because numbering for arrays begins at zero) in the binary version of “rah12” is 0.

Then, since i = 0, i mod 256 = 0. So, the element at the index 0 of the key is r, and its ascii value is 114. So, the new j is calculated as
j = [(0 + 0 + 114) mod 256] = 114.

So, swapping the i-th and the j-th elements, we obtain the following array after the first iteration:



The next part of RC4 is the pseudo-random generation algorithm (PRGA). The PRGA is

i := 0
j := 0
while GeneratingOutput:
    i := (i + 1) mod 256
    j := (j + S[i]) mod 256
    swap values of S[i] and S[j]
    K := S[(S[i] + S[j]) mod 256]
    output K

In PRGA, we start with the array S that was swapped in the KSA. In PRGA, an element in S (at index i) is swapped with another element in S (at index j). Then, the next element in the encrypted text is the element of S at the index calculated by (S[i] + S[j] mod 256). At each iteration, i is recalculated as (i + 1) mod 256, and j is recalculated as (j + S[i]) mod 256. The number of iterations performed is the length of the key, and every value of S is swapped at least once beyond 256 iterations (due to the fact that i and j are calculated by some number n mod 256). The result of this is the code.

Strengths of RC4

  • The difficulty of knowing where any value is in the table.
  • The difficulty of knowing which location in the table is used to select each value in the sequence.
  • A particular RC4 Algorithm key can be used only once.



Members of Hackers.mu discovered that there were a lot of software that uses this encryption. We saw that we could make it more secure. Hence we started making patches.

Here is the link : http://hackers.mu/news/operation-crypto-redemption.






Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s