Test Vectors for the Stream Cipher RC4
RFC 6229
Document | Type |
RFC - Informational
(May 2011; No errata)
Was draft-josefsson-rc4-test-vectors (individual in sec area)
|
|
---|---|---|---|
Authors | Joachim Strombergson , Simon Josefsson | ||
Last updated | 2015-10-14 | ||
Stream | IETF | ||
Formats | plain text html pdf htmlized bibtex | ||
Reviews | |||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 6229 (Informational) | |
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Sean Turner | ||
IESG note | Simon Josefsson (simon@josefsson.org) is the Document Shepherd. | ||
Send notices to | (None) |
Internet Engineering Task Force (IETF) J. Strombergson Request for Comments: 6229 SecWorks Sweden AB Category: Informational S. Josefsson ISSN: 2070-1721 Simon Josefsson Datakonsult AB May 2011 Test Vectors for the Stream Cipher RC4 Abstract This document contains test vectors for the stream cipher RC4. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6229. Copyright Notice Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Strombergson & Josefsson Informational [Page 1] RFC 6229 Test Vectors for the Stream Cipher RC4 May 2011 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Test Vectors for RC4 . . . . . . . . . . . . . . . . . . . . . 4 3. Security Considerations . . . . . . . . . . . . . . . . . . . 11 4. Copying Conditions . . . . . . . . . . . . . . . . . . . . . . 11 5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11 5.1. Normative References . . . . . . . . . . . . . . . . . . . 11 5.2. Informative References . . . . . . . . . . . . . . . . . . 11 1. Introduction The RC4 [RC4] algorithm is a widely used stream cipher. Test vectors for algorithms are useful for implementers. The RC4 cipher can use different key lengths. Advances in crypto-analysis [FMcG] [MANTIN01] [MIRONOV] [MANTIN05] suggest that initial parts of the stream output need to be discarded. This document contains several test vectors for different key lengths and for different offsets in the stream. Motivation for this document arose from the implementation of [RFC4345]. The test vectors provided in this document have been collected by generating RC4 keystream output from three separate implementations and comparing the streams. The RC4 implementations used are Libgcrypt 1.4.4 [LIBGCRYPT], Nettle 2.0 [NETTLE], and a custom implementation. The document contains test vectors for two different keys: Key 1: The key byte index (starting on one), that is: 0x01, 0x02, 0x03, 0x04,... Key 2: Generated by hashing the string "Internet Engineering Task Force" with the SHA-256 [SHS] [RFC4634] hash function, using the following command: $ echo -n "Internet Engineering Task Force" | sha256sum 1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a The generated string has also been verified using the SHA-256 hash function implementation in OpenSSL (versions 0.9.8l and 1.0.0a) [OPENSSL]. The digest that is generated is then truncated to the appropriate length, keeping the Least Significant Bit (LSB) part of the digest as the key. Strombergson & Josefsson Informational [Page 2] RFC 6229 Test Vectors for the Stream Cipher RC4 May 2011 The key lengths used in this document are 40, 56, 64, 80, 128, 192, and 256 bits, respectively. The stream offsets used in this document are 0, 256, 512, 768, 1024, 1536, 2048, 3072, and 4096 bytes, respectively. Offset 1536 corresponds to recommendations in [RFC4345]. The offsets 768 and 3072 correspond to recommendations in [SANS]. 2. Test Vectors for RC4 Key length: 40 bits. key: 0x0102030405 DEC 0 HEX 0: b2 39 63 05 f0 3d c0 27 cc c3 52 4a 0a 11 18 a8 DEC 16 HEX 10: 69 82 94 4f 18 fc 82 d5 89 c4 03 a4 7a 0d 09 19 DEC 240 HEX f0: 28 cb 11 32 c9 6c e2 86 42 1d ca ad b8 b6 9e ae DEC 256 HEX 100: 1c fc f6 2b 03 ed db 64 1d 77 df cf 7f 8d 8c 93Show full document text