Extra Systems

CYPHERNET

RC4 stream cipher algorithm

The RC4 stream encryption algorithm (created by Ron Rivest in 1987) is a classic in its field, but has recently been criticized for its vulnerability in WEP and TLS. However, a closer look shows that in these cases it was not RC4 itself that was vulnerable, but its unfortunate combination with the specified protocols. Those who wish can delve into the details themselves, but here we will only note that the vulnerabilities of RC4 in combination with WEP and TLS described in the cryptological literature have nothing to do with our system, since the loopholes through which the hack was carried out there are completely absent in Extra Systems Cypher Net.

The implementation of the RC4 stream encryption algorithm in our system is performed as follows: 

typedef struct rc4_key
{      
     unsigned char state[256];       
     unsigned char x;        
     unsigned char y;
} rc4_key;

void swap_byte(unsigned char *a, unsigned char *b)
{
     unsigned char swapByte; 
     swapByte = *a; 
     *a = *b;      
     *b = swapByte;
 }

void prepare_rc4_key(unsigned char *key_data_ptr, int key_data_len, rc4_key *key)
{
     unsigned char swapByte;
     unsigned char index1, index2;
     unsigned char* state;
     short counter;     
     state = &key->state[0];         
     for(counter = 0; counter < 256; counter++) state[counter] = counter;               
     key->x = 0; key->y = 0;     
     index1 = 0; index2 = 0;             
     for(counter = 0; counter < 256; counter++)      
     {               
          index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;                
          swap_byte(&state[counter], &state[index2]);            
          index1 = (index1 + 1) % key_data_len;  
     }       
 }
 
void rc4_crypt_buffer(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
{ 
     unsigned char x, y;
     unsigned char* state;
     unsigned char xorIndex;
     short counter;              
     x = key->x; y = key->y;     
     state = &key->state[0];         
     for(counter = 0; counter < buffer_len; counter++)      
     {               
          x = (x + 1) % 256;                      
          y = (state[x] + y) % 256;               
          swap_byte(&state[x], &state[y]);                        
          xorIndex = (state[x] + state[y]) % 256;                 
          buffer_ptr[counter] ^= state[xorIndex];         
      }               
      key->x = x;     
      key->y = y;
}

rc4_key rc4_key_table;

void print_crypt_params(void)
{
	printf("Ключ шифрования RSA: %d бит\n", RSA_KEY_BITS);
	printf("Ключ шифрования RC4: %d бит\n\n", PACKED_SESSION_KEY_LENTH * 8);
}

void make_crypt_key_table(void) { prepare_rc4_key(common_key.packed, PACKED_SESSION_KEY_LENTH, &rc4_key_table); }
void encrypt_buffer(unsigned char *buffer_ptr, int buffer_len) { rc4_crypt_buffer(buffer_ptr, buffer_len, &rc4_key_table); }
void decrypt_buffer(unsigned char *buffer_ptr, int buffer_len) { rc4_crypt_buffer(buffer_ptr, buffer_len, &rc4_key_table); }

The content of this page is also available in French, German, Ukrainian and Russian.

© Extra Systems, 2024 Extra Web Top