Encryption Using the RC4 Algorithm (Overview)

Description

Purpose and Restrictions

An encryption function that uses the RC4 algorithm is provided so that you can perform encryption easily and with little impact on system load. It is intended for cases where you do not want dynamically generated game data to be sent over the network unencrypted, or do not want to save data to backup memory unencrypted.

However, because RC4 is a shared-key cipher, the key data used for both encryption and decryption must be stored in the software. The key may therefore be discovered by analyzing the ROM binary, which would compromise the encryption. Do not rely on this function alone to encrypt highly sensitive data or to verify the author of data.

If you need to authenticate the data author, use the CRYPTO_VerifySignature function to verify the digital signature. Be sure to use SSL communications (enabled using SOC_EnableSsl) for safely communicating with the server using the NITRO-SDK WiFi library.

Features of the RC4 Algorithm

The RC4 algorithm has the following features.

Using stream encryption is simple because the number of input bytes matches the number of output bytes. However, it may not remain robust if certain precautions are not followed. Be sure to note the precautions described below.

Principle of Operation of the RC4 Algorithm

The RC4 algorithm works by generating a random number string that is uniquely determined by the key, then XOR-ing the original data with that string. As a result, the same key always generates the same random number string. This has the following consequences:

  1. The same encrypted data is always generated from the same key and the same data. In other words, it is possible to tell whether one encrypted text has the same source data as another encrypted text. (Dictionary attack)
  2. When two sets of data encrypted with the same key are XOR-ed, the result is the XOR of the two original plain text data sets. (This is one type of differential attack.)
  3. Inverting one bit anywhere in the encrypted text inverts the corresponding bit of the data after decryption. (Bit inversion attack)

In order to foil dictionary attacks and differential attacks, a unique initialization vector (IV) is created each time and added to the private key to create the actual key for the RC4 algorithm to use. When the encrypted data is sent, the unencrypted IV must also be sent. For example, out of the 128 bits passed as a key to the RC4 function, 96 are handled as the true private key, while the remaining 32 are filled with a different number each time for use as the initialization vector.
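The effect of the per-message IV described above, as an added example in portable C (not NITRO-SDK code and not the SDK's RC4 function). The names rc4_crypt, crypt_with_iv and xor_leaks_plaintext, the sample secret and records, and the byte order of the IV within the key are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Plain RC4: key schedule, then XOR the keystream into buf (in place). */
static void rc4_crypt(const uint8_t *key, size_t keylen, uint8_t *buf, size_t len)
{
    uint8_t S[256], t;
    unsigned i, j = 0;
    size_t n;
    for (i = 0; i < 256; i++) S[i] = (uint8_t)i;
    for (i = 0; i < 256; i++) {                 /* key scheduling */
        j = (j + S[i] + key[i % keylen]) & 0xFF;
        t = S[i]; S[i] = S[j]; S[j] = t;
    }
    for (i = j = 0, n = 0; n < len; n++) {      /* keystream XOR data */
        i = (i + 1) & 0xFF;
        j = (j + S[i]) & 0xFF;
        t = S[i]; S[i] = S[j]; S[j] = t;
        buf[n] ^= S[(S[i] + S[j]) & 0xFF];
    }
}

/* 128-bit RC4 key = 96-bit secret followed by a 32-bit per-message IV. */
static void crypt_with_iv(const uint8_t secret[12], uint32_t iv, uint8_t *buf, size_t len)
{
    uint8_t key[16];
    memcpy(key, secret, 12);
    key[12] = (uint8_t)(iv >> 24); key[13] = (uint8_t)(iv >> 16);
    key[14] = (uint8_t)(iv >> 8);  key[15] = (uint8_t)iv;
    rc4_crypt(key, sizeof key, buf, len);
}

/* Constructed sample data: a 96-bit secret and two 8-byte records. */
static const uint8_t SECRET[12] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};
static const uint8_t P1[8] = {'G', 'O', 'L', 'D', '=', '1', '0', '0'};
static const uint8_t P2[8] = {'G', 'O', 'L', 'D', '=', '9', '9', '9'};

/* Returns 1 if c1 XOR c2 == p1 XOR p2 for records encrypted with iv1 and iv2. */
int xor_leaks_plaintext(uint32_t iv1, uint32_t iv2)
{
    uint8_t c1[8], c2[8];
    size_t n;
    memcpy(c1, P1, 8); crypt_with_iv(SECRET, iv1, c1, 8);
    memcpy(c2, P2, 8); crypt_with_iv(SECRET, iv2, c2, 8);
    for (n = 0; n < 8; n++)
        if ((c1[n] ^ c2[n]) != (P1[n] ^ P2[n])) return 0;
    return 1;
}

int main(void) { return !(xor_leaks_plaintext(7, 7) == 1 && xor_leaks_plaintext(7, 8) == 0); }
```

With the same IV for both records the XOR of the ciphertexts equals the XOR of the plain texts; with different IVs it does not, which is why the IV must never repeat under one private key.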

To avoid bit inversion attacks, a message digest value such as MD5 or SHA-1 is attached to any sent data. Because an attacker does not know the original data, the correct message digest value cannot be calculated even if the attacker changed any bits. Functions for finding MD5 and SHA-1 are provided in the NITRO-SDK.

For more information, refer to a general reference on encryption.

See Also

List of CRYPTO Functions

Revision History

03/07/2006 Initial version.
