Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer

Encryption: RC4 enhancement?

by sifukurt (Hermit)
on Jul 12, 2001 at 23:26 UTC ( #96156=perlquestion: print w/replies, xml ) Need Help??

sifukurt has asked for the wisdom of the Perl Monks concerning the following question:

I've been working on several projects involving encryption recently, most of which involve a CPAN module that I wrote, Crypt::RC4. In the process, I might have come up with an enhancement to RC4 encryption, but I need some input from the Monks. If you aren't familiar with, or don't have an interest in the guts of encryption, particularly as is pertains to perl, you might want to bail out here. For those of you that are still here, come with me to the dark oubliette beneath these cloistered halls.

I was looking at the Triple DES algorithm, which was devised to strengthen the DES encryption algorithm. Triple DES simply performs DES encryption a number of times with a number of keys. This traditionally is done with 3 different keys, the first and second keys being the same with the third key being different, or with all three keys being the same. Further, you can either encrypt three times (referred to as EEE), or encrypt with the first key, decrypt with the second key, and encrypt with the third key (referred to as EDE). The purpose is to diffuse the plaintext even more than is done with a single iteration. It was at this point an idea for doing the same thing with RC4 popped into my head. To that end, I modified my RC4 module and came up with this:
package Crypt::TripleRC4; use strict; use vars qw($VERSION @ISA @EXPORT @EXPORT_OK); require Exporter; @ISA = qw(Exporter AutoLoader); @EXPORT = qw(TripleRC4); $VERSION = '0.01'; sub TripleRC4 { my ( $key, $text, $mode ) = @_; my ( $text1, $text2, $text3 ) = undef; my $key2 = _RC4( $key, $key ); my $key3 = $key2 ^ $key; if ( $mode =~ /e/i ) { $text1 = _RC4( $key, $text ); $text2 = _RC4( $key2, $text1 ); $text3 = _RC4( $key3, $text2 ); } elsif ( $mode =~ /d/i ) { $text1 = _RC4( $key3, $text ); $text2 = _RC4( $key2, $text1 ); $text3 = _RC4( $key, $text2 ); } else { return undef; } return $text3; } sub _RC4 { my $x = 0; my $y = 0; my $key = shift; my @k = unpack( 'C*', $key ); my @s = 0 .. 255; for ( $x = 0 ; $x != 256 ; $x++ ) { $y = ( $k[ $x % @k ] + $s[$x] + $y ) % 256; @s[ $x, $y ] = @s[ $y, $x ]; } $x = $y = 0; my $z = undef; for ( unpack( 'C*', shift ) ) { $x = ( $x + 1 ) % 256; $y = ( $s[$x] + $y ) % 256; @s[ $x, $y ] = @s[ $y, $x ]; $z .= pack( 'C', $_ ^= $s[ ( $s[$x] + $s[$y] ) % 256 ] ); } return $z; } 1; __END__ =head1 NAME Crypt::TripleRC4 - Modified perl implementation of the RC4 encryption +algorithm =head1 SYNOPSIS use Crypt::TripleRC4; $encrypted = TripleRC4( $passphrase, $plaintext, "e" ); $decrypt = TripleRC4( $passphrase, $encrypted, "d" ); =head1 DESCRIPTION This differs from standard RC4 in that three keys are used to encrypt +the text. KEY1 is the key entered by the user. KEY2 is KEY1 encrypted using itself as the key. + KEY3 is KEY2 ^ KEY1. I am uncertain as to what, if any, benefit is provided by this, hence +the reason I'm posting this to Perlmonks. The idea for TripleRC4 stems from TripleDES. =head1 AUTHOR Kurt Kincaid ( =head1 SEE ALSO perl(1),, =cut

Essentially what it does is encrypt with RC4 three different times, each time with a different key. My question is what benefit, if any, is gained by this? And is there a better way to implement this, provided that there is a benefit? Logically, it seems to me that this would further diffuse the plaintext. However, I submit the idea and the code to the Eminent Perl Monks for dissection.

Thanks for your time. I look forward to any feedback that you may have.

Replies are listed 'Best First'.
Re: Encryption: RC4 enhancement?
by John M. Dlugosz (Monsignor) on Jul 13, 2001 at 01:07 UTC
    Just use a longer key to begin with. Your keyspace is 256! (about 1684 bits), so you have room to concatenate your three passwords together and just to the algorithm once.

    Triple-DES was a work-around to expand the key, which was too small.


    P.S. I wrote you a while back about my improvements to that module. I still need to send it to you...

Re: Encryption: RC4 enhancement?
by MeowChow (Vicar) on Jul 13, 2001 at 12:21 UTC
    I suggest you check out sci.crypt, but to quote the relevant bit of discouragement from the sci.crpyt FAQ:
    Among professionals, a common rule of thumb is that if you want to design a cryptosystem, you have to have experience as a cryptanalyst +.
    This advice applies as much to modifying existing cryptosystems as it does to creating new ones. Unless you have a serious theoretical background in probability and number theory, as well as in cryptanalysis, don't bother. In this problem domain, our resident monks will be about as helpful as the well-intentioned folks from
                   s aamecha.s a..a\u$&owag.print
      LOL! Wow, I didn't know the folks from were so well informed on crypto and programming. :-)

      Point well taken. I do work with crypto, cryptosystems, and the implementation/use thereof on a daily basis, both as part of my work and as something I enjoy in my spare time. I've read the books, attended the seminars, etc. My purpose was two-fold:
      1. To get some general feedback on whether or not this may be a useful concept. Casual early analysis looks good, but I wanted more opinions than my own.
      2. To get some ideas for a faster/better/more efficient way of coding the encryption.
      That's actually why I hesitated to post anything. I don't want anyone to get the idea that I'm proffering this as some super, extra-sneaky, brilliantly conceived, extraordinarly complex crypto idea that only I was capable of coming up with. Far, far from it. We've all seen our fair share of those sorts of posts, mostly from people who don't know good cryptography from a horse poopoo and anchovy pizza. I honestly intended for this to be a question, rather than a solution.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://96156]
Approved by root
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (3)
As of 2023-10-04 17:48 GMT
Find Nodes?
    Voting Booth?

    No recent polls found