mirror of
https://github.com/openssl/openssl.git
synced 2025-01-15 14:34:20 +08:00
279 lines
11 KiB
Plaintext
279 lines
11 KiB
Plaintext
Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
|
|
Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
|
|
From: sterndark@netcom.com (David Sterndark)
|
|
Subject: RC4 Algorithm revealed.
|
|
Message-ID: <sternCvKL4B.Hyy@netcom.com>
|
|
Sender: sterndark@netcom.com
|
|
Organization: NETCOM On-line Communication Services (408 261-4700 guest)
|
|
X-Newsreader: TIN [version 1.2 PL1]
|
|
Date: Wed, 14 Sep 1994 06:35:31 GMT
|
|
Lines: 263
|
|
Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
|
|
|
|
I am shocked, shocked, I tell you, shocked, to discover
|
|
that the cypherpunks have illegaly and criminally revealed
|
|
a crucial RSA trade secret and harmed the security of
|
|
America by reverse engineering the RC4 algorithm and
|
|
publishing it to the world.
|
|
|
|
On Saturday morning an anonymous cypherpunk wrote:
|
|
|
|
|
|
SUBJECT: RC4 Source Code
|
|
|
|
|
|
I've tested this. It is compatible with the RC4 object module
|
|
that comes in the various RSA toolkits.
|
|
|
|
/* rc4.h */
|
|
typedef struct rc4_key
|
|
{
|
|
unsigned char state[256];
|
|
unsigned char x;
|
|
unsigned char y;
|
|
} rc4_key;
|
|
void prepare_key(unsigned char *key_data_ptr,int key_data_len,
|
|
rc4_key *key);
|
|
void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
|
|
|
|
|
|
/*rc4.c */
|
|
#include "rc4.h"
|
|
static void swap_byte(unsigned char *a, unsigned char *b);
|
|
void prepare_key(unsigned char *key_data_ptr, int key_data_len,
|
|
rc4_key *key)
|
|
{
|
|
unsigned char swapByte;
|
|
unsigned char index1;
|
|
unsigned char index2;
|
|
unsigned char* state;
|
|
short counter;
|
|
|
|
state = &key->state[0];
|
|
for(counter = 0; counter < 256; counter++)
|
|
state[counter] = counter;
|
|
key->x = 0;
|
|
key->y = 0;
|
|
index1 = 0;
|
|
index2 = 0;
|
|
for(counter = 0; counter < 256; counter++)
|
|
{
|
|
index2 = (key_data_ptr[index1] + state[counter] +
|
|
index2) % 256;
|
|
swap_byte(&state[counter], &state[index2]);
|
|
|
|
index1 = (index1 + 1) % key_data_len;
|
|
}
|
|
}
|
|
|
|
void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
|
|
{
|
|
unsigned char x;
|
|
unsigned char y;
|
|
unsigned char* state;
|
|
unsigned char xorIndex;
|
|
short counter;
|
|
|
|
x = key->x;
|
|
y = key->y;
|
|
|
|
state = &key->state[0];
|
|
for(counter = 0; counter < buffer_len; counter ++)
|
|
{
|
|
x = (x + 1) % 256;
|
|
y = (state[x] + y) % 256;
|
|
swap_byte(&state[x], &state[y]);
|
|
|
|
xorIndex = (state[x] + state[y]) % 256;
|
|
|
|
buffer_ptr[counter] ^= state[xorIndex];
|
|
}
|
|
key->x = x;
|
|
key->y = y;
|
|
}
|
|
|
|
static void swap_byte(unsigned char *a, unsigned char *b)
|
|
{
|
|
unsigned char swapByte;
|
|
|
|
swapByte = *a;
|
|
*a = *b;
|
|
*b = swapByte;
|
|
}
|
|
|
|
|
|
|
|
Another cypherpunk, this one not anonymous, tested the
|
|
output from this algorithm against the output from
|
|
official RC4 object code
|
|
|
|
|
|
Date: Tue, 13 Sep 94 18:37:56 PDT
|
|
From: ekr@eit.COM (Eric Rescorla)
|
|
Message-Id: <9409140137.AA17743@eitech.eit.com>
|
|
Subject: RC4 compatibility testing
|
|
Cc: cypherpunks@toad.com
|
|
|
|
One data point:
|
|
|
|
I can't say anything about the internals of RC4 versus the
|
|
algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
|
|
since I don't know anything about RC4's internals.
|
|
|
|
However, I do have a (legitimately acquired) copy of BSAFE2 and
|
|
so I'm able to compare the output of this algorithm to the output
|
|
of genuine RC4 as found in BSAFE. I chose a set of test vectors
|
|
and ran them through both algorithms. The algorithms appear to
|
|
give identical results, at least with these key/plaintext pairs.
|
|
|
|
I note that this is the algorithm _without_ Hal Finney's
|
|
proposed modification
|
|
|
|
(see <199409130605.XAA24133@jobe.shell.portal.com>).
|
|
|
|
The vectors I used (together with the ciphertext they produce)
|
|
follow at the end of this message.
|
|
|
|
-Ekr
|
|
|
|
Disclaimer: This posting does not reflect the opinions of EIT.
|
|
|
|
--------------------results follow--------------
|
|
Test vector 0
|
|
Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
|
|
Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
|
|
0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96
|
|
|
|
Test vector 1
|
|
Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
|
|
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
|
|
0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79
|
|
|
|
Test vector 2
|
|
Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
|
|
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
|
|
0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a
|
|
|
|
Test vector 3
|
|
Key: 0xef 0x01 0x23 0x45
|
|
Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
|
|
0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61
|
|
|
|
Test vector 4
|
|
Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
|
|
Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
|
|
0x01
|
|
0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4
|
|
0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f
|
|
0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca
|
|
0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d
|
|
0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1
|
|
0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6
|
|
0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95
|
|
0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a
|
|
0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3
|
|
0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56
|
|
0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa
|
|
0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd
|
|
0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5
|
|
0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6
|
|
0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a
|
|
0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6
|
|
0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53
|
|
0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32
|
|
0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8
|
|
0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0
|
|
0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10
|
|
0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62
|
|
0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e
|
|
0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef
|
|
0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90
|
|
0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29
|
|
0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b
|
|
0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16
|
|
0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64
|
|
0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86
|
|
0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26
|
|
0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91
|
|
0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3
|
|
0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35
|
|
0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b
|
|
0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8
|
|
0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80
|
|
0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2
|
|
0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8
|
|
0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d
|
|
0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6
|
|
0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c
|
|
0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37
|
|
0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00
|
|
0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd
|
|
0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f
|
|
0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58
|
|
0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12
|
|
0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58
|
|
0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4
|
|
0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0
|
|
0xc0
|
|
|
|
|
|
|
|
--
|
|
---------------------------------------------------------------------
|
|
We have the right to defend ourselves and our
|
|
property, because of the kind of animals that we James A. Donald
|
|
are. True law derives from this right, not from
|
|
the arbitrary power of the omnipotent state. jamesd@netcom.com
|
|
|
|
|