#### 15 Sep 2001 async (Journeyer)

Stuff to explore and Things you should know:

(Pseudo-)random number generators are an art unto themselves; see Knuth's _The Art of Computer Programming_ (Vol. 2, _Seminumerical Algorithms_) for a thorough treatment. (I recommend spending a few years working the problem sets; they are quite illuminating.)

The most basic form is the linear congruential generator:

X_n = (a*X_(n-1) + c) mod m

where X_0 is the seed. It is quite nutty that it works as well as it does, but it has major issues. The first thing you have to tackle is choosing a (the multiplier), c (the increment) and m (the modulus): they decide the period and the statistical quality of the output, and Knuth covers the choice in detail. Two points matter more than any of that if you are tempted to use one for keys, nonces or session IDs: when m is a power of two the low-order bits cycle with a very short period (the lowest bit simply alternates), and the generator is predictable, since a handful of consecutive outputs let an observer recover the parameters and compute every output that follows. An LCG is a statistical tool, not a cryptographic one.
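As an added example (not code from the diary or from Knuth), here is the generator above in Python together with the two practical weaknesses just mentioned: with the modulus known, three consecutive outputs are enough to recover a and c and predict everything that follows, and for a power-of-two modulus the low bits have a tiny period. The constants are the well-known ANSI C example parameters, used here purely for illustration.

```python
from typing import Iterator, List, Optional, Tuple

# Constructed parameters: the classic ANSI C example LCG.  a is 1 mod 4, c is odd
# and m is a power of two, so by Knuth's full-period conditions the period is m.
A, C, M = 1103515245, 12345, 2 ** 31


def lcg(seed: int, a: int = A, c: int = C, m: int = M) -> Iterator[int]:
    """X_n = (a*X_(n-1) + c) mod m, yielding X_1, X_2, ... from seed X_0."""
    x = seed % m
    while True:
        x = (a * x + c) % m
        yield x


def first_outputs(seed: int, count: int, a: int = A, c: int = C, m: int = M) -> List[int]:
    """The first `count` outputs after `seed`."""
    gen = lcg(seed, a, c, m)
    return [next(gen) for _ in range(count)]


def recover_lcg(outputs: List[int], m: int) -> Optional[Tuple[int, int]]:
    """Recover (a, c) from three consecutive outputs when m is known.

    x2 - x1 = a*(x1 - x0) (mod m), so a follows from one modular inverse and
    then c = x1 - a*x0.  Returns None if no window has an invertible difference.
    """
    for x0, x1, x2 in zip(outputs, outputs[1:], outputs[2:]):
        d = (x1 - x0) % m
        try:
            inv = pow(d, -1, m)      # modular inverse (Python 3.8+)
        except ValueError:
            continue                 # d shares a factor with m; try the next window
        a = ((x2 - x1) * inv) % m
        c = (x1 - a * x0) % m
        return a, c
    return None


def predict_next(outputs: List[int], m: int, how_many: int = 1) -> Optional[List[int]]:
    """Outputs that will follow the observed ones, once (a, c) are recovered."""
    params = recover_lcg(outputs, m)
    if params is None:
        return None
    a, c = params
    return first_outputs(outputs[-1], how_many, a, c, m)


def low_bits_period(seed: int, k: int, a: int = A, c: int = C, m: int = M) -> int:
    """Smallest period of the lowest k output bits.

    With m a power of two, the low k bits form their own LCG mod 2**k, so their
    period is at most 2**k regardless of m (for k=1 the lowest bit alternates).
    """
    mask = (1 << k) - 1
    seq = [x & mask for x in first_outputs(seed, 4 * (mask + 1), a, c, m)]
    for p in range(1, len(seq)):
        if all(seq[i] == seq[i + p] for i in range(len(seq) - p)):
            return p
    return len(seq)


if __name__ == "__main__":
    observed = first_outputs(42, 3)          # what an attacker gets to see
    print("recovered (a, c):", recover_lcg(observed, M))
    print("predicted next:  ", predict_next(observed, M, 3))
    print("actual next:     ", first_outputs(42, 6)[3:])
    print("period of lowest bit:", low_bits_period(42, 1))
```

The recovery needs m; Knuth-style parameters are usually public (they are compiled into the library), and even an unknown power-of-two modulus can be recovered from a few more outputs, so treating m as a secret buys nothing.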

RC4 and you

RC4 is a simple stream cipher. It has two phases: the key setup, which scrambles a 256-byte state under the key, and the cipher proper, which turns that state into a keystream and XORs it with the data. The cipher is symmetric: encryption and decryption are the same operation.

The data consists of 256 bytes of state, up to 256 bytes of key, and 10 bytes of random data. (The 10 random bytes are the CipherSaber convention from the FAQ cited below rather than part of RC4 itself; they act as an IV so that the same key never produces the same keystream twice.)

In the setup phase, first initialise the state to the bytes 0 through 255 in order. The effective key is the secret key itself followed by the 10 bytes of random data. (If you are encrypting, you generate those bytes yourself and send them in the clear at the front of the output; if you are decrypting, you take them from the front of the ciphertext you received.) Set i and j to zero.

Secondly, you must mix the state. For each i from 0 to 255: set n to i mod the length of the effective key (secret key plus random bytes); add the i'th byte of state and the n'th byte of the key to j, mod 256; then swap the i'th and j'th bytes of state.

After this is done for each byte, set i and j to zero again.

For each byte to encrypt or decrypt: increment i (mod 256); add the i'th byte of state to j (mod 256); swap the i'th and j'th bytes of state; set n to the sum of the i'th and j'th bytes of state (mod 256); finally, XOR the n'th byte of state with the byte to be ciphered.

As it stands, RC4 has known weaknesses: the first bytes of keystream are statistically biased, and using the key with a plain IV appended, as above, leaks key material to an attacker who collects enough IVs (the Fluhrer, Mantin and Shamir result published this August against WEP). One modification to make it stronger, CipherSaber-2, is to run the mix-state loop several times, with the repeat count agreed between sender and receiver. Discarding the first few hundred keystream bytes before encrypting is the other common mitigation. Both reduce the damage; neither makes RC4 the cipher to pick for a new design.
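The whole procedure above (setup with the 10 random bytes appended to the key, the optional repeated mixing, and the XOR stream) as a runnable Python example. This is an added example, not code from the diary or from the CipherSaber site; the function names are mine, and one detail the text leaves open is settled by assumption: when the mixing loop is repeated, j is carried over between passes rather than reset.

```python
import os
from typing import List, Optional

IV_LEN = 10  # the 10 random bytes the text appends to the key (CipherSaber convention)


def rc4_setup(key: bytes, rounds: int = 1) -> List[int]:
    """Key setup: permute the state 0..255 under `key` (which may already
    include the random bytes).  rounds > 1 repeats the mixing loop as the
    strengthening above suggests; j is carried across passes (assumption)."""
    if not 1 <= len(key) <= 256:
        raise ValueError("key plus random bytes must be 1..256 bytes")
    state = list(range(256))            # state starts out as 0 through 255
    j = 0
    for _ in range(rounds):
        for i in range(256):
            n = i % len(key)
            j = (j + state[i] + key[n]) % 256
            state[i], state[j] = state[j], state[i]
    return state


def rc4_stream(state: List[int], data: bytes) -> bytes:
    """Generate keystream from `state` and XOR it into `data`.
    One function serves both directions because XOR is its own inverse."""
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + state[i]) % 256
        state[i], state[j] = state[j], state[i]
        n = (state[i] + state[j]) % 256
        out.append(byte ^ state[n])
    return bytes(out)


def rc4_raw(key: bytes, data: bytes, rounds: int = 1) -> bytes:
    """Plain RC4 on `data` with no random prefix; rounds=1 is standard RC4."""
    return rc4_stream(rc4_setup(key, rounds), data)


def encrypt(key: bytes, plaintext: bytes, rounds: int = 1,
            iv: Optional[bytes] = None) -> bytes:
    """Encrypt as the text describes: fresh random bytes are appended to the
    key and sent in the clear at the front of the output.  `iv` may be given
    explicitly only to make tests reproducible; leave it None in real use."""
    if iv is None:
        iv = os.urandom(IV_LEN)
    if len(iv) != IV_LEN:
        raise ValueError(f"random prefix must be {IV_LEN} bytes")
    return iv + rc4_raw(key + iv, plaintext, rounds)


def decrypt(key: bytes, ciphertext: bytes, rounds: int = 1) -> bytes:
    """Take the random bytes from the front of the ciphertext and undo encrypt()."""
    if len(ciphertext) < IV_LEN:
        raise ValueError("ciphertext too short to hold the random prefix")
    iv, body = ciphertext[:IV_LEN], ciphertext[IV_LEN:]
    return rc4_raw(key + iv, body, rounds)


if __name__ == "__main__":
    # Constructed sample: a short message, 20 mixing passes as in CipherSaber-2.
    key = b"correct horse battery staple"
    msg = b"attack at dawn"
    ct = encrypt(key, msg, rounds=20)
    assert decrypt(key, ct, rounds=20) == msg
    print(ct.hex())
```

With rounds=1 and no random prefix, rc4_raw() is standard RC4 and reproduces the published RC4 test vectors, which is the quickest way to check an implementation of the byte-swapping steps above before trusting it with anything.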

References:

Bruce Schneier, _Applied Cryptography_, Second Edition. John Wiley & Sons, New York, 1996. ISBN 0471117099.

CipherSaber FAQ, http://ciphersaber.gurus.com/faq.html#getrc4 (accessed Sep 15, 2001).

D. E. Knuth, _The Art of Computer Programming, Vol. 2: Seminumerical Algorithms_, 3rd Ed. Addison-Wesley, 1997. ISBN 0201896842.