RC4 compatibility problems?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

RC4 compatibility problems?

Bastian Bense-2
Hello folks,

I'm trying to use openssl (OpenSSL 0.9.7i 14 Oct 2005) on Mac OS X to
encrypt a stream of data using RC4.

It seems that the RC4 algorithm used in openssl is incompatible with
some other implementations I found, for instance this PHP
implementation: http://rc4crypt.devhome.org/ . But I also tested an
implementation in REALbasic, which didn't work either.

It seems that openssl is able to encrypt (and decrypt) it's own data
just fine, but as soon I want to decrypt the data on another
implementation of RC4 the result is just gibberish. I tried different
key sizes/lengths, too, with no success.

How is the openssl-RC4 algorithm differnet from other implementation,
are there known problems or workarounds?

Thanks for your help!

Bastian
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

RE: RC4 compatibility problems?

JoelKatz

> Hello folks,
>
> I'm trying to use openssl (OpenSSL 0.9.7i 14 Oct 2005) on Mac OS X to
> encrypt a stream of data using RC4.
>
> It seems that the RC4 algorithm used in openssl is incompatible with
> some other implementations I found, for instance this PHP
> implementation: http://rc4crypt.devhome.org/ . But I also tested an
> implementation in REALbasic, which didn't work either.
>
> It seems that openssl is able to encrypt (and decrypt) it's own data
> just fine, but as soon I want to decrypt the data on another
> implementation of RC4 the result is just gibberish. I tried different
> key sizes/lengths, too, with no success.
>
> How is the openssl-RC4 algorithm differnet from other implementation,
> are there known problems or workarounds?
>
> Thanks for your help!

        This is almost always a case of the key being handled differently in the
two cases. For example, in one case you may specify the key in ASCII, and in
the other case in base64. One may be in hex and the other in ASCII, 'F'
could mean 15 or it could mean 70. This causes the same key input to result
in a different binary key being fed to the encryption algorithm.

        DS




______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: RC4 compatibility problems?

Victor Duchovni
On Fri, Apr 14, 2006 at 03:23:17PM -0700, David Schwartz wrote:

>
> > Hello folks,
> >
> > I'm trying to use openssl (OpenSSL 0.9.7i 14 Oct 2005) on Mac OS X to
> > encrypt a stream of data using RC4.
> >
> > It seems that the RC4 algorithm used in openssl is incompatible with
> > some other implementations I found, for instance this PHP
> > implementation: http://rc4crypt.devhome.org/ . But I also tested an
> > implementation in REALbasic, which didn't work either.
> >
> > It seems that openssl is able to encrypt (and decrypt) it's own data
> > just fine, but as soon I want to decrypt the data on another
> > implementation of RC4 the result is just gibberish. I tried different
> > key sizes/lengths, too, with no success.
> >
> > How is the openssl-RC4 algorithm differnet from other implementation,
> > are there known problems or workarounds?
> >
> > Thanks for your help!
>
> This is almost always a case of the key being handled differently in the
> two cases. For example, in one case you may specify the key in ASCII, and in
> the other case in base64. One may be in hex and the other in ASCII, 'F'
> could mean 15 or it could mean 70. This causes the same key input to result
> in a different binary key being fed to the encryption algorithm.
>

Also because RC4 is a keystream, and the first ~256 byes of output are
correlated with the key, implementations need to agree on how much of
the initial output to discard.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: RC4 compatibility problems?

Bastian Bense-2
Hi,

On 4/15/06, Victor Duchovni <[hidden email]> wrote:
> Also because RC4 is a keystream, and the first ~256 byes of output are
> correlated with the key, implementations need to agree on how much of
> the initial output to discard.

I read about that 256 byte thing on the web, but what I'm trying to do
is to connect my program to a TCP session of a custom server
application which has it's own RC4 engine (which is non-openssl). I
did not manage to get it to work, as I stated before.

The attempt of discarding the first 256 bytes (assuming that the
custom engine does that too) did not bring up any results, either.

Any other ideas?


Bastian
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: RC4 compatibility problems?

Bastian Bense-2
In reply to this post by JoelKatz
Hi,

On 4/15/06, David Schwartz <[hidden email]> wrote:
>         This is almost always a case of the key being handled differently in the
> two cases. For example, in one case you may specify the key in ASCII, and in
> the other case in base64. One may be in hex and the other in ASCII, 'F'
> could mean 15 or it could mean 70. This causes the same key input to result
> in a different binary key being fed to the encryption algorithm.

What I'm doing is to provide the key in hex and not as clear string.

Bastian
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]