3
$\begingroup$

OpenSSL supports rc4 with 128-bit keys and rc4 with 40-bit keys. It does not support rc4 with 256-bit keys.

My question is... is it possible to modify the state of the pseudo-random generation algorithm (PRGA), given a 128-bit key, to match the initial state a PRGA with a 256-bit key?

Improve this question
$\endgroup$
1
  • 3
    $\begingroup$ OpenSSL library supports any multiple of 8 bits key (i.e. integral bytes) for RC4 if you write a few lines of code to call it; it is the prewritten commandline utility openssl enc -$cipher alias openssl $cipher that supports only 40 and 128. And libssl also uses only 40 and 128 because those are the only published RC4 ciphersuites. $\endgroup$ Commented Nov 26, 2014 at 0:33

1 Answer 1

Reset to default
4
$\begingroup$

NO. Without changing the API, it is not possible to coerce a 40-bit-key or 128-bit-key implementation of RC4 to behave like a 256-bit-key one, because there is no way to inject any key material in the RC4 state after initialization.

Dave_Thompson_085 has an interesting comment for OpenSSL specifics.

Improve this answer
$\endgroup$

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.