How The Mighty Have Fallen: RC4 — Fast, Compact, and Can Be Insecure
When I started in networking, the world was just getting into wireless communications. For the first time on a local area network, we could communicate with a computer without wires. But the security that shipped with it, WEP (Wired Equivalent Privacy), was a technical disaster.
WEP broke almost every rule of how to design Wi-Fi security. It used a single shared key for the whole network, so anyone who held the key could capture every other station's packets and decrypt them. It also used a 24-bit IV (initialization vector), which was far too small: with only 2^24 (around 16.7 million) values, the IV wrapped around within hours on a busy network, and some cards even restarted it from zero on every reset. A repeated IV under the same shared key gives the same RC4 keystream, so XORing two such packets cancels the keystream and leaves the XOR of the two plaintexts; with a guessable plaintext (IP and ARP headers are largely predictable) the rest falls out, and it was then easy to crack the encryption. And, finally, it used RC4. While fast and efficient, it has been shown to have security issues [1]:
For this, Fluhrer, Mantin and Shamir (Fluhrer et al.) showed that there was a large class of weak keys: when the first bytes of the key are known, as they are in WEP, where the cleartext IV is prepended to the secret, the first keystream byte is correlated with the next unknown key byte for certain IVs, so an attacker who captures enough packets recovers the key one byte at a time. Klein later improved on the attack, using a correlation that is not limited to those weak IVs. When the Fluhrer et al. method was uncovered, it caused problems for many, including Ron Rivest, in their implementations:
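To make the two WEP flaws above concrete, here is an added example (not code from the original post, Fluhrer et al. or Klein): a plain RC4 in Python, a WEP-style per-packet key built as IV || secret, the keystream-reuse attack on a repeated IV, and the Fluhrer-Mantin-Shamir first-byte attack run over the 256 weak IVs of the form (3, 255, X) to vote on the first secret key byte. The 40-bit key, IVs and packet plaintexts are constructed for the demonstration; `fms_state_survives` is a verification helper that uses the secret and is not part of the attack.

```python
# Added example (not from the original post): RC4 with WEP-style per-packet keys,
# showing the two weaknesses described above. Key, IVs and plaintexts are made up.
from collections import Counter

N = 256

def rc4_ksa(key: bytes) -> list:
    """RC4 key scheduling: permute S = [0..255] under the key."""
    S, j = list(range(N)), 0
    for i in range(N):
        j = (j + S[i] + key[i % len(key)]) % N
        S[i], S[j] = S[j], S[i]
    return S

def rc4_keystream(key: bytes, n: int) -> bytes:
    """RC4 output generation: the first n keystream bytes for this key."""
    S, i, j, out = rc4_ksa(key), 0, 0, bytearray()
    for _ in range(n):
        i = (i + 1) % N
        j = (j + S[i]) % N
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % N])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> tuple:
    """WEP: the cleartext 3-byte IV is prepended to the shared secret to form the
    per-packet RC4 key (the CRC-32 ICV is omitted here)."""
    assert len(iv) == 3
    return iv, xor(plaintext, rc4_keystream(iv + secret, len(plaintext)))

# Flaw 1: a 24-bit IV repeats, and a repeated IV under the same key repeats the
# keystream, so C1 xor C2 == P1 xor P2 and one known plaintext exposes the other.
def iv_reuse_recover(pkt_known: tuple, known_pt: bytes, pkt_target: tuple) -> bytes:
    (iv1, c1), (iv2, c2) = pkt_known, pkt_target
    assert iv1 == iv2, "the attack needs two packets under the same IV"
    return xor(c2, xor(c1, known_pt))      # keystream = C1 xor P1

# Flaw 2: Fluhrer-Mantin-Shamir weak IVs. The IV is known, so the attacker can run
# the first three KSA steps; for 'resolved' IVs the first keystream byte then
# reveals the next (secret) key byte with probability of about 5%.
def ksa_partial(key: bytes, steps: int) -> tuple:
    S, j = list(range(N)), 0
    for i in range(steps):
        j = (j + S[i] + key[i]) % N
        S[i], S[j] = S[j], S[i]
    return S, j

def fms_candidate(iv: bytes, z0: int):
    """Guess for secret[0] from keystream byte z0, or None if the IV is not
    resolved (S[1] < 3 and S[1] + S[S[1]] == 3 after the three IV steps)."""
    S, j = ksa_partial(iv, 3)
    if S[1] >= 3 or (S[1] + S[S[1]]) % N != 3:
        return None
    # If the rest of the KSA leaves positions 1, S[1] and 3 alone, z0 is the
    # value that step 3 swapped into S[3], i.e. S[j + S[3] + K[3]]; invert that.
    return (S.index(z0) - j - S[3]) % N

def fms_recover_first_key_byte(secret: bytes) -> tuple:
    """Attacker view: keystream byte 0 (known plaintext, e.g. the 0xAA SNAP
    header) for each weak IV (3, 255, X), then majority vote."""
    votes = Counter()
    for x in range(N):
        iv = bytes([3, 255, x])
        guess = fms_candidate(iv, rc4_keystream(iv + secret, 1)[0])
        if guess is not None:
            votes[guess] += 1
    return votes.most_common(1)[0][0], votes

def fms_state_survives(secret: bytes, iv: bytes) -> bool:
    """Verification only (needs the secret): True exactly when the KSA leaves
    positions 1, S[1] and 3 alone after the IV steps, the case in which
    fms_candidate() is certain to return secret[0]."""
    key = iv + secret
    S, j = ksa_partial(key, 3)
    if S[1] >= 3 or (S[1] + S[S[1]]) % N != 3:
        return False
    protected = {1, S[1], 3}
    for i in range(3, N):
        j = (j + S[i] + key[i % len(key)]) % N
        if j in (protected - {3} if i == 3 else protected):  # step 3 may hit S[3]
            return False
        S[i], S[j] = S[j], S[i]
    return True

if __name__ == "__main__":
    secret, iv = bytes.fromhex("0102030405"), b"\x00\x00\x01"   # constructed
    pk1 = wep_encrypt(secret, iv, b"GET / HTTP/1.1")
    pk2 = wep_encrypt(secret, iv, b"PASS hunter2\r\n")
    print(iv_reuse_recover(pk1, b"GET / HTTP/1.1", pk2))          # second plaintext
    print(fms_recover_first_key_byte(secret)[1].most_common(3))   # 0x01 should lead
```

The IV-reuse recovery is exact: once two packets share an IV, the known plaintext hands over the keystream and the second packet decrypts without the key. The FMS vote is statistical: a single family of 256 weak IVs gives roughly a dozen correct votes against about one vote per wrong value, which is usually but not always enough, and the real attack on WEP collected many more weak IVs (for each key byte in turn) before the tally was trusted.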