Don't use RC4

RC4 was designed in 1987 for use as a stream cipher. It is used in HTTPS and WEP.

There are weaknesses

1. There is bias in the initial output: Pr[2nd byte = 0] = 2/256
2. Probability of sixteen bits equaling zero is 1/256^2 + 1/256^3 . This occurs after several Gigs of data has been encrypted.
3. Vulnerable to related key attacks, where only the IV changes but the key stays the same.

If you must use RC4, ignore the first 256 bytes as they are biased.

Don't use RC4

RC4 was designed in 1987 for use as a stream cipher. It is used in HTTPS and WEP.

There are weaknesses

1. There is bias in the initial output: Pr[2nd byte = 0] = 2/256
2. Probability of sixteen bits equaling zero is 1/256^2 + 1/256^3 . This occurs after several Gigs of data has been encrypted.
3. Vulnerable to related key attacks, where only the IV changes but the key stays the same.

Take away If you must use RC4, ignore the first 256 bytes as they are biased. If you use RC4 for Gigs of data, then the bias in RC4 will allow for attacks of all prior encrypted data.