ARC4¶
Warning
ARC4 is not secure. Use ChaCha20-Poly1305 and XChaCha20-Poly1305 or AES (AEX or GCM mode) instead. This module is provided only for legacy purposes.
ARC4 (Alleged RC4) is an implementation of RC4 (Rivest’s Cipher version 4), a symmetric stream cipher designed by Ron Rivest in 1987.
The cipher started as a proprietary design, that was reverse engineered and anonymously posted on Usenet in 1994. The company that owns RC4 (RSA Data Inc.) never confirmed the correctness of the leaked algorithm.
Unlike RC2, the company has never published the full specification of RC4, of which it still holds the trademark.
ARC4 keys can vary in length from 8 to 2048 bits.
One problem of ARC4 is that it does not take a nonce or an IV. If it is required to encrypt multiple messages with the same long-term key, a distinct independent nonce must be created for each message, and a short-term key must be derived from the combination of the long-term key and the nonce. Due to the weak key scheduling algorithm of ARC4, the combination must be carried out with a complex function (e.g. a cryptographic hash) and not by simply concatenating key and nonce.
As an example, encryption can be done as follows:
>>> from Crypto.Cipher import ARC4
>>> from Crypto.Hash import SHA256, HMAC
>>> from Crypto.Random import get_random_bytes
>>>
>>> key = b'Very long and confidential key'
>>> nonce = get_random_bytes(16)
>>> tempkey = HMAC.new(key, nonce, digestmod=SHA256).digest()
>>> cipher = ARC4.new(tempkey)
>>> msg = nonce + cipher.encrypt(b'Open the pod bay doors, HAL')
ARC4 symmetric cipher
ARC4 (Alleged RC4) is an implementation of RC4 (Rivest’s Cipher version 4), a symmetric stream cipher designed by Ron Rivest in 1987.
The cipher started as a proprietary design, that was reverse engineered and anonymously posted on Usenet in 1994. The company that owns RC4 (RSA Data Inc.) never confirmed the correctness of the leaked algorithm.
Unlike RC2, the company has never published the full specification of RC4, of whom it still holds the trademark.
ARC4 keys can vary in length from 40 to 2048 bits.
One problem of ARC4 is that it does not take a nonce or an IV. If it is required to encrypt multiple messages with the same long-term key, a distinct independent nonce must be created for each message, and a short-term key must be derived from the combination of the long-term key and the nonce. Due to the weak key scheduling algorithm of RC2, the combination must be carried out with a complex function (e.g. a cryptographic hash) and not by simply concatenating key and nonce.
New designs should not use ARC4. A good alternative is AES (Crypto.Cipher.AES) in any of the modes that turn it into a stream cipher (OFB, CFB, or CTR).
As an example, encryption can be done as follows:
>>> from Crypto.Cipher import ARC4
>>> from Crypto.Hash import SHA
>>> from Crypto import Random
>>>
>>> key = b'Very long and confidential key'
>>> nonce = Random.new().read(16)
>>> tempkey = SHA.new(key+nonce).digest()
>>> cipher = ARC4.new(tempkey)
>>> msg = nonce + cipher.encrypt(b'Open the pod bay doors, HAL')
- undocumented:
__revision__, __package__
- class Crypto.Cipher.ARC4.ARC4Cipher(key, *args, **kwargs)¶
ARC4 cipher object
- decrypt(ciphertext)¶
Decrypt a piece of data.
- Parameters:
- ciphertextbyte string
The piece of data to decrypt. It can be of any size.
- Return:
the decrypted data (byte string, as long as the ciphertext).
- encrypt(plaintext)¶
Encrypt a piece of data.
- Parameters:
- plaintextbyte string
The piece of data to encrypt. It can be of any size.
- Return:
the encrypted data (byte string, as long as the plaintext).
- Crypto.Cipher.ARC4.block_size = 1¶
Size of a data block (in bytes)
- Crypto.Cipher.ARC4.key_size = range(1, 257)¶
Size of a key (in bytes)
- Crypto.Cipher.ARC4.new(key, *args, **kwargs)¶
Create a new ARC4 cipher
- Parameters:
- keybyte string
The secret key to use in the symmetric cipher. It can have any length, with a minimum of 40 bytes. Its cryptograpic strength is always capped to 2048 bits (256 bytes).
- Return:
an ARC4Cipher object