2009
03.02

xRC4

Category: Coding, Cryptography / Tag:  / Add Comment

Hello,
This is my second post in this blog.
Today I will explain the RC4 algorithm, and will also provide my implementation.
RC4 is a stream cipher created by Ronald Rivest in 1987.
Quoted from wikipedia:

RC4 was initially a trade secret, but in September 1994 a description of it was anonymously posted to the Cypherpunks mailing list[3]. It was soon posted on the sci.crypt newsgroup, and from there to many sites on the Internet. The leaked code was confirmed to be genuine as its output was found to match that of proprietary software using licensed RC4. Because the algorithm is known, it is no longer a trade secret.


A stream cipher is a symmetric key cipher, in which every byte (or bit) of the plaintext is merged/combined/XORed with a pseudorandom byte calculated from the key.
Now, a symmetric key cipher is a cryptographic algorithm, that the decryption key can be calculated from the encryption key.
In RC4′s case, the encryption key is the same as the decryption key.

The RC4 implementation includes two steps:
1. The S-Box generation
2. The ciphertext generation

1. The S-Box generation

A S-Box (Substitution box) is an array of bytes, that when combined with the plaintext, gives us the ciphertext, and in symmetric key algorithms, when combined with the ciphertext restores the original plaintext.
RC4 uses a 256 byte S-Box, but I’ve implemented it so you can make S-Box any size you want.
Generating the S-Box is very easy. First it must be initialized to the identity permutation.
It is done like so: S[0] = 0; S[1] = 1; …S[n] = n;
Two variables are used for the next steps: i and j.
For every element of S, j is set to the sum of itself, S[i], keystream[i modulo keylength] then a modulo operation is done against j.
Then S[i] is swapped with S[j].
The modulo operation makes sure that both the keystream and j itself, doesn’t go out of the boundaries.
Here is the code:

for(i = 0; i < _sSize; i++)
_S[i] = i;
for(i = j = 0; i < _sSize; i++) {
    j = (j + _S[i] + key[i % keyLen]) % _sSize;
    __xswap(_S[i], _S[j]);
}

There, we got ourselves the first step.

2. The ciphertext generation

The second step is simple too.
First i and j are initialized to zero.
Then for every character of the plaintext, i is set to i + 1, then a modulo operation is done against it, while j is set to itself plus S[i], and a modulo operation is done against j too.
The first modulo operation makes sure that S[i] doesn’t access out of boundary bytes.
After that, S[S[i] + S[j] modulo _sSize] is XOR’ed with the current plaintext body.
Here is the code:

i = j = 0;
while(*__inp) {
    i = (i + 1) % _sSize;
    j = (j + _S[i]) % _sSize;
    __xswap(_S[i], _S[j]);
    *__outp++ = _S[(_S[i] + _S[j]) % _sSize] ^ *__inp++;
}
*__outp = 0;

You can download the full project here.
It is located in my public archive, where I will be posting other interesting stuff.
For every update of the public archive, I will make a post here.
I hope you enjoyed it :)
Feel free to post a comment.
In the following days I will be working on my RSA implementation (yeah, I’m into cryptography lately :p).

No Comment.

Add Your Comment

Your Comment