RE: RC4 compatibility problems?
Hello folks, I'm trying to use openssl (OpenSSL 0.9.7i 14 Oct 2005) on Mac OS X to encrypt a stream of data using RC4. It seems that the RC4 algorithm used in openssl is incompatible with some other implementations I found, for instance this PHP implementation: http://rc4crypt.devhome.org/ . But I also tested an implementation in REALbasic, which didn't work either. It seems that openssl is able to encrypt (and decrypt) it's own data just fine, but as soon I want to decrypt the data on another implementation of RC4 the result is just gibberish. I tried different key sizes/lengths, too, with no success. How is the openssl-RC4 algorithm differnet from other implementation, are there known problems or workarounds? Thanks for your help! This is almost always a case of the key being handled differently in the two cases. For example, in one case you may specify the key in ASCII, and in the other case in base64. One may be in hex and the other in ASCII, 'F' could mean 15 or it could mean 70. This causes the same key input to result in a different binary key being fed to the encryption algorithm. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RC4 compatibility problems?
On Fri, Apr 14, 2006 at 03:23:17PM -0700, David Schwartz wrote: Hello folks, I'm trying to use openssl (OpenSSL 0.9.7i 14 Oct 2005) on Mac OS X to encrypt a stream of data using RC4. It seems that the RC4 algorithm used in openssl is incompatible with some other implementations I found, for instance this PHP implementation: http://rc4crypt.devhome.org/ . But I also tested an implementation in REALbasic, which didn't work either. It seems that openssl is able to encrypt (and decrypt) it's own data just fine, but as soon I want to decrypt the data on another implementation of RC4 the result is just gibberish. I tried different key sizes/lengths, too, with no success. How is the openssl-RC4 algorithm differnet from other implementation, are there known problems or workarounds? Thanks for your help! This is almost always a case of the key being handled differently in the two cases. For example, in one case you may specify the key in ASCII, and in the other case in base64. One may be in hex and the other in ASCII, 'F' could mean 15 or it could mean 70. This causes the same key input to result in a different binary key being fed to the encryption algorithm. Also because RC4 is a keystream, and the first ~256 byes of output are correlated with the key, implementations need to agree on how much of the initial output to discard. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RC4 compatibility problems?
Hi, On 4/15/06, Victor Duchovni [EMAIL PROTECTED] wrote: Also because RC4 is a keystream, and the first ~256 byes of output are correlated with the key, implementations need to agree on how much of the initial output to discard. I read about that 256 byte thing on the web, but what I'm trying to do is to connect my program to a TCP session of a custom server application which has it's own RC4 engine (which is non-openssl). I did not manage to get it to work, as I stated before. The attempt of discarding the first 256 bytes (assuming that the custom engine does that too) did not bring up any results, either. Any other ideas? Bastian __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RC4 compatibility problems?
Hi, On 4/15/06, David Schwartz [EMAIL PROTECTED] wrote: This is almost always a case of the key being handled differently in the two cases. For example, in one case you may specify the key in ASCII, and in the other case in base64. One may be in hex and the other in ASCII, 'F' could mean 15 or it could mean 70. This causes the same key input to result in a different binary key being fed to the encryption algorithm. What I'm doing is to provide the key in hex and not as clear string. Bastian __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]