I have an implementation of the RC4 cipher in PHP already (it looks almost identical to this http://pear.php.net/package/Crypt_RC42).

However, I'd like to introduce the "Drop-N" approach as mentioned in (http://en.wikipedia.org/wiki/RC4#Fluhrer.2C_Mantin_and_Shamir_attack).

Is there a simple way to implement this based on the class I'm using above?

Schodem

1 Answer

All you have to do is add n bytes of data to the start of your plaintext (or ciphertext) before encrypting (or decrypting).

It doesn't matter what these bytes contain, as long as there are n of them. Then discard the first n bytes of the encrypted (decrypted) data. Using different pad bytes for encryption and decryption will make no difference.

Or in other words:

define('DROP_N_PADDING_LENGTH', 512);  // (or whatever)
$message = "Hello, world!";

// encrypt:
$ciphertext = $rc4->encrypt(str_repeat(" ",DROP_N_PADDING_LENGTH) . $message);
$ciphertext = substr($ciphertext,DROP_N_PADDING_LENGTH);

// decrypt:
$plaintext = $rc4->decrypt(str_repeat(" ",DROP_N_PADDING_LENGTH) . $ciphertext);
$plaintext = substr($plaintext,DROP_N_PADDING_LENGTH);
r3mainer
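
The padding approach in the answer works with an unmodified class; the same drop-N effect can also be built into the cipher by discarding the first n keystream bytes right after the key schedule. The following is an added example, not code from the question, the answer or Crypt_RC4: the function names and the sample key are hypothetical, and the script checks that both approaches yield identical ciphertext.

```php
<?php
// Added example; function names and sample key are hypothetical.
/** Key-schedule RC4, then discard the first $drop keystream bytes. */
function rc4_drop_init(string $key, int $drop): array
{
    if ($key === '' || $drop < 0) {
        throw new InvalidArgumentException('need a non-empty key and drop >= 0');
    }
    $S = range(0, 255);
    for ($i = 0, $j = 0, $n = strlen($key); $i < 256; $i++) {   // KSA
        $j = ($j + $S[$i] + ord($key[$i % $n])) & 0xFF;
        [$S[$i], $S[$j]] = [$S[$j], $S[$i]];
    }
    $state = ['S' => $S, 'i' => 0, 'j' => 0];
    rc4_keystream($state, $drop);            // the drop-N step
    return $state;
}

/** Advance the PRGA by $len bytes and return the keystream produced. */
function rc4_keystream(array &$state, int $len): string
{
    ['S' => $S, 'i' => $i, 'j' => $j] = $state;
    $out = '';
    while ($len-- > 0) {
        $i = ($i + 1) & 0xFF;
        $j = ($j + $S[$i]) & 0xFF;
        [$S[$i], $S[$j]] = [$S[$j], $S[$i]];
        $out .= chr($S[($S[$i] + $S[$j]) & 0xFF]);
    }
    $state = ['S' => $S, 'i' => $i, 'j' => $j];
    return $out;
}

/** Encrypt or decrypt (RC4 is symmetric) with RC4-drop[$drop]. */
function rc4_drop_crypt(string $key, string $data, int $drop = 512): string
{
    $state = rc4_drop_init($key, $drop);
    return $data ^ rc4_keystream($state, strlen($data));
}

// Constructed sample input.
$key = 'Key';
$msg = 'Hello, world!';
$ct  = rc4_drop_crypt($key, $msg);
// The answer's padding approach, with drop = 0 standing in for an unmodified class.
$padded = substr(rc4_drop_crypt($key, str_repeat(' ', 512) . $msg, 0), 512);
$ok = $ct === $padded && rc4_drop_crypt($key, $ct) === $msg
    && bin2hex(rc4_drop_crypt($key, 'Plaintext', 0)) === 'bbf316e8d940af0ad3';
echo $ok ? "drop-N and padding agree\n" : "MISMATCH\n";
```

Both sides must use the same drop count, since it determines where in the keystream encryption starts.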