2

RC4 in TLS is now broken. But the breaking seems to have a lot to do with how web transactions work in general. Is there any application outside of the web where RC4 is still used? I know that WEP is long out of the window. Any other widely used applications?

Minaj

1 Answer

3

RC4 seems to be an option in the SSH1 and SSH2 protocols, so yes, it is still in use as a cipher. AES seems to be preferred in most configurations, but "arcfour" is still often used as a fallback.

WPA and WPA2 may also use RC4 instead of AES, using TKIP. Again, this protocol was introduced to replace the broken WEP protocol while still relying on the faster RC4 protocol. So it's still often used as a fallback in case WPA2 with AES is unavailable, e.g. on older hardware without hardware AES support.

Maarten Bodewes
  • Don't forget that WPA (1) also (often) uses RC4... – SEJPM Jul 31 '16 at 13:25
  • @SEJPM Integrated into answer. Fortunately the RC4 weaknesses can be worked around, but those above are two very widely used protocols. RC4 is far from gone :/ – Maarten Bodewes Jul 31 '16 at 13:35
  • Can you point to a reason why RC4 in TLS is now dead, yet in protocols such as SSH and the WPAs RC4 continues to be good? – Minaj Jul 31 '16 at 20:30
  • 1
    In any of the three protocols it is a legacy option - having been replaced by AES (mainly). It's only dead if the implementations of it aren't used anymore. In TLS it actually made a small comeback when the BEAST attack was disclosed. – Maarten Bodewes Jul 31 '16 at 21:56
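
To check whether a host still offers the RC4 fallbacks named in the answer above, this added example (not part of the original answer or comments) scans configuration text for explicitly enabled `arcfour*` ciphers in an OpenSSH `Ciphers` line and for TKIP in hostapd's `wpa_pairwise`/`rsn_pairwise` settings. The function names and sample configurations are constructed for illustration.

```python
import re

# RC4 cipher names as they appear in OpenSSH "Ciphers" lists.
SSH_RC4 = {"arcfour", "arcfour128", "arcfour256"}

def audit_sshd(text):
    """Return (line_no, cipher) for each RC4 cipher a Ciphers line enables.
    Only explicit names are checked; a config without a Ciphers line uses
    the build's defaults, which this function does not inspect."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        m = re.match(r"ciphers[\s=]+(.+)$", line, re.IGNORECASE)
        if not m:
            continue
        spec = m.group(1).strip()
        if spec.startswith("-"):      # "-list" removes ciphers from the defaults
            continue
        for name in spec.lstrip("+^").split(","):   # "+"/"^" add to the defaults
            if name.strip() in SSH_RC4:
                findings.append((no, name.strip()))
    return findings

def audit_hostapd(text):
    """Return (line_no, key) for each pairwise-cipher setting that allows TKIP."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key in ("wpa_pairwise", "rsn_pairwise") and "TKIP" in value.split():
            findings.append((no, key))
    return findings

# Constructed sample configurations (not taken from any real host).
SAMPLE_SSHD = """# constructed sample
Port 22
Ciphers aes256-ctr,aes128-ctr,arcfour256,arcfour
"""
SAMPLE_HOSTAPD = """# constructed sample
ssid=example
wpa=3
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
"""

if __name__ == "__main__":
    for no, cipher in audit_sshd(SAMPLE_SSHD):
        print(f"sshd_config line {no}: RC4 cipher enabled: {cipher}")
    for no, key in audit_hostapd(SAMPLE_HOSTAPD):
        print(f"hostapd.conf line {no}: {key} allows TKIP (RC4)")
```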