Q

What is RC4?

What is RC4? What is the encryption strength of RC4? How does it compare to AES?


RC4 was developed in 1987 by Ron Rivest (the "R" in RSA). It's been quietly used in a variety of applications since then but came to prominence when it was adopted as the security foundation for the 802.11b WEP (Wireless Equivalent Privacy) wireless LAN standard.

RC4 is a Vernam Cipher, using a 24-bit initialization vector (IV) to create key lengths of 40 or 128 bits.

However, a growing number of published studies have found significant weaknesses in the structure and key generation of RC4, prompting the claim by a number of commentators that the algorithm is "unsafe at any key size."

AES is the Rijndael (pronounced Rhine Doll) encryption algorithm chosen in October 2000 by the NIST as the new Advanced Encryption Standard to officially replace DES.

AES has key sizes of 128, 192 and 256 bits. To give you some idea of how secure AES is believed to be, here's how the NIST compares it to DES:

"Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old."


For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Encryption
Ask the Expert: Encryption algorithms
Ask the Expert: The differences between AES and DES


This was first published in June 2002

Dig deeper on Disk Encryption and File Encryption

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close