I've been working on several projects involving encryption recently, most of which involve a CPAN module that I wrote, Crypt::RC4. In the process, I might have come up with an enhancement to RC4 encryption, but I need some input from the Monks. If you aren't familiar with, or don't have an interest in the guts of encryption, particularly as is pertains to perl, you might want to bail out here. For those of you that are still here, come with me to the dark oubliette beneath these cloistered halls.

I was looking at the Triple DES algorithm, which was devised to strengthen the DES encryption algorithm. Triple DES simply performs DES encryption a number of times with a number of keys. This traditionally is done with 3 different keys, the first and second keys being the same with the third key being different, or with all three keys being the same. Further, you can either encrypt three times (referred to as EEE), or encrypt with the first key, decrypt with the second key, and encrypt with the third key (referred to as EDE). The purpose is to diffuse the plaintext even more than is done with a single iteration. It was at this point an idea for doing the same thing with RC4 popped into my head. To that end, I modified my RC4 module and came up with this:

package Crypt::TripleRC4;

use strict;
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK);

require Exporter;

@ISA     = qw(Exporter AutoLoader);
@EXPORT  = qw(TripleRC4);
$VERSION = '0.01';

sub TripleRC4 {
    my ( $key, $text, $mode ) = @_;
    my ( $text1, $text2, $text3 ) = undef;
    my $key2 = _RC4( $key, $key );
    my $key3 = $key2 ^ $key;
    if ( $mode =~ /e/i ) {
        $text1 = _RC4( $key,  $text );
        $text2 = _RC4( $key2, $text1 );
        $text3 = _RC4( $key3, $text2 );
    } elsif ( $mode =~ /d/i ) {
        $text1 = _RC4( $key3, $text );
        $text2 = _RC4( $key2, $text1 );
        $text3 = _RC4( $key,  $text2 );
    } else {
        return undef;
    }
    return $text3;
}

sub _RC4 {
    my $x = 0;
    my $y = 0;

    my $key = shift;
    my @k   = unpack( 'C*', $key );
    my @s   = 0 .. 255;

    for ( $x = 0 ; $x != 256 ; $x++ ) {
        $y = ( $k[ $x % @k ] + $s[$x] + $y ) % 256;
        @s[ $x, $y ] = @s[ $y, $x ];
    }

    $x = $y = 0;

    my $z = undef;

    for ( unpack( 'C*', shift ) ) {
        $x = ( $x + 1 ) % 256;
        $y = ( $s[$x] + $y ) % 256;
        @s[ $x, $y ] = @s[ $y, $x ];
        $z .= pack( 'C', $_ ^= $s[ ( $s[$x] + $s[$y] ) % 256 ] );
    }

    return $z;
}

1;
__END__

=head1 NAME

Crypt::TripleRC4 - Modified perl implementation of the RC4 encryption 
+algorithm

=head1 SYNOPSIS

  use Crypt::TripleRC4;
  $encrypted = TripleRC4( $passphrase, $plaintext, "e" );
  $decrypt = TripleRC4( $passphrase, $encrypted, "d" );

=head1 DESCRIPTION

This differs from standard RC4 in that three keys are used to encrypt 
+the text. KEY1 is the key 
entered by the user.  KEY2 is KEY1 encrypted using itself as the key. 
+ KEY3 is KEY2 ^ KEY1.  
I am uncertain as to what, if any, benefit is provided by this, hence 
+the reason I'm posting 
this to Perlmonks.  The idea for TripleRC4 stems from TripleDES.

=head1 AUTHOR

Kurt Kincaid (sifukurt@yahoo.com)

=head1 SEE ALSO

perl(1), http://www.cypherspace.org, http://www.rsasecurity.com

=cut
[download]

Essentially what it does is encrypt with RC4 three different times, each time with a different key. My question is what benefit, if any, is gained by this? And is there a better way to implement this, provided that there is a benefit? Logically, it seems to me that this would further diffuse the plaintext. However, I submit the idea and the code to the Eminent Perl Monks for dissection.

Thanks for your time. I look forward to any feedback that you may have.