Stream Ciphers in Practice
Let's introduce two stream ciphers.
- RC4 (Rivest Cipher 4) is a symmetric stream cipher algorithm Designed in 1987 by Ron Rivest for RSA Security. Facts about RC4:
- It uses a seed of variable size: the key can be up to 2,048 bits long.
- The algorithm takes this seed and generates a pseudo-random stream of bits called the keystream.
- Ciphertext is then obtained by XORing the plaintext with the keysteam.
- RC4 was widely adopted and used in many popular protocols including WEP, WPA, HTTPS, SSL/TLS due to its simplicity and speed.
- However, attacks in 2015 on RC4, such as the NO MORE attack, deemed it insecure for use.
- Many other vulnerabilities were discovered later, such as the increased chance of getting more 0s than 1s, making it prone to attacks.
- RC4 shouldn't be used anymore: any protocol using RC4 is vulnerable to attacks. SSL/TLS ditched RC4 in 2015.