openssl/doc/rc4.doc
1998-12-21 10:52:47 +00:00

45 lines
1.8 KiB
Plaintext

The RC4 library.
RC4 is a stream cipher that operates on a byte stream. It can be used with
any length key but I would recommend normally using 16 bytes.
This library requires the inclusion of 'rc4.h'.
The RC4 encryption function takes what is called an RC4_KEY as an argument.
The RC4_KEY is generated by the RC4_set_key function from the key bytes.
RC4, being a stream cipher, does not have an encryption or decryption mode.
It produces a stream of bytes that the input stream is xor'ed against and
so decryption is just a case of 'encrypting' again with the same key.
I have only put in one 'mode' for RC4 which is the normal one. This means
there is no initialisation vector and there is no feedback of the cipher
text into the cipher. This implies that you should not ever use the
same key twice if you can help it. If you do, you leave yourself open to
known plain text attacks; if you know the plain text and
corresponding cipher text in one message, all messages that used the same
key can have the cipher text decoded for the corresponding positions in the
cipher stream.
The main positive feature of RC4 is that it is a very fast cipher; about 4
times faster that DES. This makes it ideally suited to protocols where the
key is randomly chosen, like SSL.
The functions are as follows:
void RC4_set_key(
RC4_KEY *key;
int len;
unsigned char *data);
This function initialises the RC4_KEY structure with the key passed
in 'data', which is 'len' bytes long. The key data can be any
length but 16 bytes seems to be a good number.
void RC4(
RC4_KEY *key;
unsigned long len;
unsigned char *in;
unsigned char *out);
Do the actual RC4 encryption/decryption. Using the 'key', 'len'
bytes are transformed from 'in' to 'out'. As mentioned above,
decryption is the operation as encryption.