The RC4 algorithm was designed by Ron Rivest of RSA Security in 1987 and is most commonly used to protect Internet...
traffic using the SSL (Secure Sockets Layer) protocol. Stream ciphers can be thought of as seeded random number generators -- the seed being the key -- with the random numbers being combined with the plain text to generate ciphertext. With RSA keys, it is important to use the 128-bit version, because the 40-bit version can be exploited. Also, ensure that the application follows the recommended practice for key generation. With stream ciphers, it's important to generate a new key for each piece of encrypted data, otherwise an attacker can mount a successful attack by analyzing a large number of messages encrypted with the same key. Poor implementation of key generation has resulted in successful attacks against WEP (Wired Equivalent Privacy) systems. The recommended solution to the flaws in WEP is to switch to Wi-Fi Protected Access (WPA or WPA2). WPA uses the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used.
Dig Deeper on Email Security Guidelines, Encryption and Appliances
Related Q&A from Michael Cobb
What is BGP hijacking or IP hijacking and how do cybercriminals pull off the attacks? Expert Michael Cobb explains how enterprises can mitigate these...continue reading
Is the Dell eDellRoot security threat a serious problem and, if so, can it be prevented with self-signed root certificate authorities? Expert Michael...continue reading
What does FIPS 140-2 Level 2 certification for devices cover? Expert Michael Cobb explains the FIPS 140-2 security standard and how vendors use it in...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.