RC4: Known plaintext key, unknown key derivation

slipheed

5/17/23, 1:19 AM

I am working with an older piece of software that generates encrypted backups that I'd like to decrypt. I have a plaintext key, a few examples of encrypted data and I'm pretty sure the data is ASCII, but I don't know how they derive the RC4 key from the plaintext key.

How would I go about testing key derivations comprehensively? The space must be relatively small, even if I'm considering all the RC4 key lengths.

0 + 0

rc4

poncho

5/17/23, 1:44 AM

Have you tried just inserting the plaintext key into the RC4 algorithm as is? It does take variable length (1-256 byte) keys, so that's the obvious way they might have implemented it.

slipheed

5/17/23, 2:11 AM

@poncho The key itself is 237 bytes long - I believe that's too long, isn't it?

poncho

5/17/23, 3:22 AM

No, it's not too long; RC4 can handle keys up to 256 bytes in length

slipheed

5/18/23, 12:29 AM

@poncho, thanks that turned out to be it! It was a raw key.

Score:1

Crypto

poncho

5/18/23, 12:58 PM

How would I go about testing key derivations comprehensively?

Why don't you start with the most obvious possibility first? RC4 takes a variable length (1-256 byte) key; perhaps they used the key you present directly as into to the RC4 key setup algorithm?

[From your comments, we already know this answer is the correct one - this is just so that the question has an official answer]

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: RC4: Known plaintext key, unknown key derivation

TH: RC4: คีย์ข้อความธรรมดาที่รู้จัก ที่มาของคีย์ที่ไม่รู้จัก

RO: RC4: cheie de text simplu cunoscută, derivație necunoscută a cheii

RU: RC4: известный открытый текстовый ключ, неизвестное происхождение ключа

VI: RC4: Khóa bản rõ đã biết, dẫn xuất khóa không xác định

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.