CoderTools

RC Cipher Family Encryption/Decryption

RC2/RC4/RC5/RC6 Symmetric Ciphers Designed by Ron Rivest

⚠️ Security Notice

RC4 has known vulnerabilities and has been deprecated from TLS/SSL. For maximum security, consider using AES-256. All data is processed locally in your browser.

RC2 key length: 1-128 bytes (8-1024 bits). Block size: 64 bits. Recommended: 16 bytes (128 bits)
Format Options

About RC Cipher Family

The RC (Rivest Cipher, also "Ron's Code") family was designed by Ron Rivest at MIT and RSA Security across four decades. RC2 (1987, published via RFC 2268 in 1998) is a 64-bit block cipher with variable key lengths from 64 to 128 bits, created for export-grade use and still found in some S/MIME implementations. RC4 (1987, leaked to the Cypherpunks mailing list in 1994) is a stream cipher notorious for the WEP key-scheduling vulnerability and the Fluhrer-Mantin-Shamir (FMS) attack.

RC5 (1994, Rivest) introduced a fully parameterized block cipher — RC5-w/r/b selects word width (16, 32, or 64 bits), round count (0–255), and key length (0–255 bytes); RC5-32/12/16 (32-bit words, 12 rounds, 16-byte key) is the reference implementation. RC6 (1998, Rivest, Gupta, Shamir, Yin) extended RC5 with integer multiplication and quadruple registers for its final AES-candidate submission; RC6-32/20/b uses 20 rounds and 128/192/256-bit keys, targeting the same AES performance-security trade-offs as Rijndael.

Algorithm Comparison

Algorithm Type Key Length Block Size Security Status
RC2 Block Cipher 1-128 bytes 64 bits Weak Deprecated
RC4 Stream Cipher 1-256 bytes N/A (stream) Weak Deprecated
RC5 Block Cipher 0-255 bytes 32/64/128 bits Good Secure
RC6 Block Cipher 16/24/32 bytes 128 bits Excellent AES Finalist

RC2 (Rivest Cipher 2)

RC2 is a 64-bit block cipher designed in 1987. It uses a variable-length key (1-128 bytes) and has a unique 'effective key bits' parameter that can limit the key search space.

Originally kept secret, RC2 was designed for export compatibility with 40-bit effective key length. Due to known vulnerabilities, it should only be used for legacy system compatibility.

RC4 (Rivest Cipher 4)

RC4 is a stream cipher designed in 1987. It generates a pseudo-random stream of bytes (keystream) that is XORed with the plaintext. Known for its simplicity and speed, it was widely used in SSL/TLS, WEP, and WPA protocols.

Due to discovered vulnerabilities (especially in the first bytes of the keystream), RC4 has been deprecated from modern security protocols. The 'RC4-Drop' variant discards the initial keystream bytes to mitigate these issues.

RC5 (Rivest Cipher 5)

RC5, published in 1994, introduced a parameterized design with three variables: word size (w), number of rounds (r), and key length (b). This flexibility allows RC5 to be adapted to different security requirements.

RC5 uses data-dependent rotations as its primary non-linear operation, making it simple yet effective. Common configurations include RC5-32/12/16 (32-bit words, 12 rounds, 16-byte key).

RC6 (Rivest Cipher 6)

RC6 was submitted as an AES candidate in 1998 and was one of the five finalists. It extends RC5 with integer multiplication for better diffusion and uses four working registers instead of two.

With a fixed 128-bit block size and support for 128/192/256-bit keys, RC6 provides excellent security. Although Rijndael was selected as AES, RC6 remains a respected and secure algorithm.

Key Features

  • RC2: Legacy block cipher with variable key length, for compatibility purposes only
  • RC4: Extremely fast stream cipher, ideal for real-time applications
  • RC5: Parameterized design allows flexible security/performance tradeoffs
  • RC6: Modern block cipher with strong security guarantees
  • All algorithms are patent-free and freely available for any use

Encryption Modes (RC5/RC6)

  • CBC: Cipher Block Chaining for RC2/RC5/RC6 — RC2's 64-bit blocks share the Sweet32 birthday-bound risk (significant after ≈ 32 GB same-key CBC data); RC5-32/RC6-32 use 64-bit blocks too. For bulk encryption, prefer AES-GCM. RC4 has no block-chaining mode; it generates a continuous byte-level PRGA keystream directly.
  • ECB: Electronic Codebook for RC2/RC5/RC6 — each block is processed independently through all cipher rounds with the same derived subkeys. RC2/RC5-32/RC6-32 all operate on 64-bit blocks; two identical 8-byte input blocks always yield identical ciphertext, making ECB unsuitable for anything beyond single-block token encryption or key wrapping.
  • CFB: Cipher Feedback for RC2/RC5/RC6 — the block cipher function encrypts the previous ciphertext segment (starting with IV) and the top n bits are XORed with n plaintext bits, converting the block cipher into a self-synchronizing stream mode. RC4 bypasses this entirely via its native PRGA stream.
  • OFB: Output Feedback for RC2/RC5/RC6 — the block cipher runs in keystream-generation mode, iteratively encrypting the IV-initialized feedback register. The output keystream is XORed with plaintext with no error propagation. For RC6, the 64-bit feedback provides a short keystream cycle relative to modern 128-bit block alternatives.

Security Considerations

  • RC4 must NOT be used in any new application. RFC 7465 (2015) formally prohibits RC4 in TLS; the Fluhrer-Mantin-Shamir attack (2001) recovered WEP keys in under one minute from captured IVs, and multiple follow-on attacks break RC4 at < 225 bytes of keystream with sufficient ciphertext. RC4 support here is strictly for legacy decryption tasks.
  • RC4-Drop mitigations (discarding the first 768–3072 bytes of PRGA output) reduce but do not eliminate RC4's biased-keystream vulnerabilities. The RC4 NOMORE attack (2015, at Black Hat) demonstrated cookie recovery in 75 hours against still-active RC4 TLS sessions. No configuration of RC4 is safe for new authenticated data exchange.
  • RC5 and RC6 have no published full-round practical attacks, but their 64-bit block sizes create Sweet32 birthday-bound exposure for large volumes of CBC-mode data. Using RC5 or RC6 in CBC mode with the same key for more than approximately 32 GB of data leaks plaintext through ciphertext block collisions.
  • RC2 was explicitly designed for export-controlled (40-bit effective) key strength and should be treated as weak. The 'effective key bits' parameter in RFC 2268 was the T1 parameter for export compliance; at full 128-bit key and T1=128, RC2 exceeds the old export limit but still lacks the block-size headroom of modern ciphers. Use exclusively for legacy S/MIME compatibility.

Use Cases

  • WEP/WPA legacy forensics: RC4-based WEP and early WPA-TKIP data recovery from captured 802.11 frames requires the original RC4 keystream — this tool reconstructs per-packet RC4 output given the three-byte IV and network key
  • S/MIME compatibility decryption: older email clients and X.509 certificate tools signed and encrypted using RC2/40 or RC2/128 under RFC 2268; decrypting these archives requires an RFC-compliant RC2 implementation
  • RC5 parameterization research: comparing RC5-32/12/16 against RC5-64/20/16 and RC5-16/16/8 variants demonstrates how the ARX word-rotation structure scales across word widths — useful for understanding parameterized cipher design
  • AES candidate evaluation study: RC6-32/20 was among the five AES finalists; reproducing its 128-bit block, 20-round, multiplication-based round function enables side-by-side comparison with Rijndael, Serpent, Twofish, and MARS on the same test vectors

References

Related Tools

AES Encryption/Decryption

Securely encrypt and decrypt text using AES algorithm

Blowfish Encryption/Decryption

Fast symmetric block cipher with variable key length (32-448 bits), designed by Bruce Schneier

Twofish Encryption/Decryption

AES finalist symmetric cipher with 128-bit blocks and 128/192/256-bit keys, designed by Bruce Schneier

Quick Menu

No recent tools