Home Verifpoint Login Business Solutions Help About Us Contact Us
What is RC4?

RC4 is a stream cipher designed by Rivest for RSA Data Security (now RSA Security). It is a variable key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random permutation. Analysis shows that the period of the cipher is overwhelmingly likely to be greater than 10100. Eight to sixteen machine operations are required per output byte, and the cipher can be expected to run very quickly in software. Independent analysts have scrutinized the algorithm and it is considered secure. 

RC4 is used for file encryption in products such as RSA SecurPC. It is also used for secure communications, as in the encryption of traffic to and from secure web sites using the SSL protocol. 
What is SSL?

The SSL (Secure Sockets Layer) Handshake Protocol [Hic95] was developed by Netscape Communications Corporation to provide security and privacy over the Internet. The protocol supports server and client authentication. The SSL protocol is application independent, allowing protocols like HTTP (HyperText Transfer Protocol), FTP (File Transfer Protocol), and Telnet to be layered on top of it transparently. Still, SSL is optimized for HTTP; for FTP, IPSec might be preferable. The SSL protocol is able to negotiate encryption keys as well as authenticate the server before data is exchanged by the higher-level application. The SSL protocol maintains the security and integrity of the transmission channel by using encryption, authentication and message authentication codes. 

The SSL Handshake Protocol consists of two phases: server authentication and an optional client authentication. In the first phase, the server, in response to a client's request, sends its certificate and its cipher preferences. The client then generates a master key, which it encrypts with the server's public key, and transmits the encrypted master key to the server. The server recovers the master key and authenticates itself to the client by returning a message authenticated with the master key. Subsequent data is encrypted and authenticated with keys derived from this master key. In the optional second phase, the server sends a challenge to the client. The client authenticates itself to the server by returning the client's digital signature on the challenge, as well as its public-key certificate. 
A variety of cryptographic algorithms are supported by SSL. During the "handshaking'' process, the RSA public-key cryptosystem is used. After the exchange of keys, a number of ciphers are used. These include RC2, RC4, IDEA,DES, and triple-DES. The MD5 message-digest algorithm is also used. The public-key certificates follow the X.509 syntax. 

For more information on SSL 3.0, click here 

Home  | |  VerifPoint Login  | |  Business Solutions  
Help  | | About Us  | |  Contact Us

A service provided by      
Terms of our Privacy Policy and Visitors Agreement.