Package Cryptodome :: Package Cipher :: Module ARC4

Module ARC4

ARC4 symmetric cipher

ARC4 (Alleged RC4) is an implementation of RC4 (Rivest's Cipher version 4), a symmetric stream cipher designed by Ron Rivest in 1987.

The cipher started as a proprietary design, that was reverse engineered and anonymously posted on Usenet in 1994. The company that owns RC4 (RSA Data Inc.) never confirmed the correctness of the leaked algorithm.

Unlike RC2, the company has never published the full specification of RC4, of whom it still holds the trademark.

ARC4 keys can vary in length from 40 to 2048 bits.

One problem of ARC4 is that it does not take a nonce or an IV. If it is required to encrypt multiple messages with the same long-term key, a distinct independent nonce must be created for each message, and a short-term key must be derived from the combination of the long-term key and the nonce. Due to the weak key scheduling algorithm of RC2, the combination must be carried out with a complex function (e.g. a cryptographic hash) and not by simply concatenating key and nonce.

Use ChaCha20, not ARC4. This module is only provided for legacy purposes.

As an example, encryption can be done as follows:

>>> from Cryptodome.Cipher import ARC4
>>> from Cryptodome.Hash import SHA
>>> from Cryptodome.Random import get_random_bytes
>>>
>>> key = b'Very long and confidential key'
>>> nonce = get_random_bytes(16)
>>> tempkey = SHA.new(key+nonce).digest()
>>> cipher = ARC4.new(tempkey)
>>> msg = nonce + cipher.encrypt(b'Open the pod bay doors, HAL')
Classes
  ARC4Cipher
ARC4 cipher object
Functions
 
new(key, *args, **kwargs)
Create a new ARC4 cipher
Variables
  block_size = 1
Size of a data block (in bytes)
  key_size = xrange(5, 257)
Size of a key (in bytes)
Function Details

new(key, *args, **kwargs)

 

Create a new ARC4 cipher

Parameters:
  • key (byte string) - The secret key to use in the symmetric cipher. Its length must be in the range [5..256]. The recommended length is 16 bytes.
  • drop (integer) - The amount of bytes to discard from the initial part of the keystream. In fact, such part has been found to be distinguishable from random data (while it shouldn't) and also correlated to key.

    The recommended value is 3072 bytes. The default value is 0.

Returns:
an ARC4Cipher object