Eccouncil 212-81 Exam - Topic 10 Question 2 Discussion

RC4

https://en.wikipedia.org/wiki/RC4

RC4 (Rivest Cipher 4 also known as ARC4 or ARCFOUR meaning Alleged RC4, see below) is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

The key-scheduling algorithm is used to initialize the permutation in the array 'S'. 'keylength' is defined as the number of bytes in the key and can be in the range 1 keylength 256, typically between 5 and 16, corresponding to a key length of 40 -- 128 bits. First, the array 'S' is initialized to the identity permutation. S is then processed for 256 iterations in a similar way to the main PRGA, but also mixes in bytes of the key at the same time.

Incorrect answers:

Blowfish -has a 64-bit block size and a variable key length from 32 bits up to 448 bits. It is a 16-round Feistel cipher and uses large key-dependent S-boxes. In structure it resembles CAST-128, which uses fixed S-boxes.

Twofish -is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits.

PIKE-stream cipher was invented by Ross Anderson to be a 'leaner and meaner' version of FISH after he broke FISH in 1994. Its name is supposed to be a humorous allusion to the pike fish.