1

I have the binary data that I need to decipher, the algorithm (RC4) and the key. However, to decipher the data, one instruction I got is that "the length of the key initially gets skipped" or that "len bytes are skipped initially".

What does this mean exactly? Does it mean that if my key is 10 bytes long, that I need to pass in the binary data without the first 10 bytes to the decipher and then concatenate the first 10 bytes with the deciphered bytes?

const decipher = crypto.createDecipheriv('RC4', 'mysuperkey', null);
const buffer = decipher.update(data.slice('mysuperkey'.length));

decipher.final();

This does not work, so I might not understand the instruction.

Maxime Dupré
  • 5,319
  • 7
  • 38
  • 72

1 Answers1

0

RC4 is insecure for the first bits, so often you are instructed to skip over some initial bytes of the key stream. The way a stream cipher works is that it creates a stream of pseudo random data that depends on the key. That stream is XOR'ed with the plaintext to create the ciphertext, and with the ciphertext to create the plaintext.

To skip a number of bytes of the key stream you can simply encrypt / decrypt some (zero valued) bytes and throw away the results. This goes both for encryption and decryption. If the API has a specific skip method then you should of course use that, but I don't think it is present in CryptoJS.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Hey @Maarten, thanks for the answer. I was just reading your answer on crypto.stackexchange, what a coincidence! I'm using the native node `crypto` module, which doesn't have a built-in skip option, but the CryptoJS lib you mentionned, which I just checked, actually has a `drop` option (RC4-drop), which is great. However, I would like to understand what you mean by "To skip a number of bytes of the key stream you can simply encrypt / decrypt some (zero valued) bytes and throw away the results.". Would I have to decrypt twice with the same keystream? Once for the 0 bytes and once more with – Maxime Dupré Apr 19 '20 at 19:32
  • Once I have thrown away x bytes from the keystream, won't the keystream be too short for my ciphertext? – Maxime Dupré Apr 19 '20 at 19:56
  • 1
    No, the key stream is more or less limitless. – Maarten Bodewes Apr 19 '20 at 20:11