Test Vectors for the Stream Cipher RC4
RFC 6229
| Document | Type |
RFC - Informational
(May 2011; No errata)
Was draft-josefsson-rc4-test-vectors (individual in sec area)
|
|
|---|---|---|---|
| Last updated | 2015-10-14 | ||
| Stream | IETF | ||
| Formats | plain text pdf html bibtex | ||
| Reviews | |||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 6229 (Informational) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Sean Turner | ||
| IESG note | Simon Josefsson (simon@josefsson.org) is the Document Shepherd. | ||
| Send notices to | (None) | ||
Internet Engineering Task Force (IETF) J. Strombergson
Request for Comments: 6229 SecWorks Sweden AB
Category: Informational S. Josefsson
ISSN: 2070-1721 Simon Josefsson Datakonsult AB
May 2011
Test Vectors for the Stream Cipher RC4
Abstract
This document contains test vectors for the stream cipher RC4.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc6229.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Strombergson & Josefsson Informational [Page 1]
RFC 6229 Test Vectors for the Stream Cipher RC4 May 2011
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Test Vectors for RC4 . . . . . . . . . . . . . . . . . . . . . 4
3. Security Considerations . . . . . . . . . . . . . . . . . . . 11
4. Copying Conditions . . . . . . . . . . . . . . . . . . . . . . 11
5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.1. Normative References . . . . . . . . . . . . . . . . . . . 11
5.2. Informative References . . . . . . . . . . . . . . . . . . 11
1. Introduction
The RC4 [RC4] algorithm is a widely used stream cipher. Test vectors
for algorithms are useful for implementers. The RC4 cipher can use
different key lengths. Advances in crypto-analysis [FMcG] [MANTIN01]
[MIRONOV] [MANTIN05] suggest that initial parts of the stream output
need to be discarded. This document contains several test vectors
for different key lengths and for different offsets in the stream.
Motivation for this document arose from the implementation of
[RFC4345].
The test vectors provided in this document have been collected by
generating RC4 keystream output from three separate implementations
and comparing the streams. The RC4 implementations used are
Libgcrypt 1.4.4 [LIBGCRYPT], Nettle 2.0 [NETTLE], and a custom
implementation.
The document contains test vectors for two different keys:
Key 1: The key byte index (starting on one), that is: 0x01, 0x02,
0x03, 0x04,...
Key 2: Generated by hashing the string "Internet Engineering Task
Force" with the SHA-256 [SHS] [RFC4634] hash function, using the
following command:
$ echo -n "Internet Engineering Task Force" | sha256sum
1ada31d5cf688221c109163908ebe51debb46227c6cc8b37641910833222772a
The generated string has also been verified using the SHA-256 hash
function implementation in OpenSSL (versions 0.9.8l and 1.0.0a)
[OPENSSL].
The digest that is generated is then truncated to the appropriate
length, keeping the Least Significant Bit (LSB) part of the digest as
the key.
Strombergson & Josefsson Informational [Page 2]
RFC 6229 Test Vectors for the Stream Cipher RC4 May 2011
The key lengths used in this document are 40, 56, 64, 80, 128, 192,
and 256 bits, respectively. The stream offsets used in this document
are 0, 256, 512, 768, 1024, 1536, 2048, 3072, and 4096 bytes,
respectively. Offset 1536 corresponds to recommendations in
[RFC4345]. The offsets 768 and 3072 correspond to recommendations in
[SANS].
2. Test Vectors for RC4
Key length: 40 bits.
key: 0x0102030405
Show full document text