In my last post I discussed the Advanced Encryption Standard (AES). Another encryption standard is known as RC6. Its predecessors were RC4 and RC5. RC6 is a fast block cipher (cryptographic algorithm) designed by Ronald Rivest for RSA Data Security (now RSA Security) in 1994. RC by the way stands for Ron’s Code and/or Rivest’s Ciphers.

What a block cipher does is take clear text and then operate on chunks of that text known as blocks. The “operates on chunks of that text”  means that an algorithm is applied to the block which performs an encryption on the input block using a secret key and outputs a corresponding block of ciphertext. The decryption process is similar in that a block of ciphertext has an algorithm applied to it, using the same secret key and produces the original block of plaintext.

A block cipher differs from a stream cipher, such as RC4, in that a block cipher works on “blocks” of cleartext and a stream cipher works on a stream of digits one at a time.

A block size is typically 64 or 128 bits, although some ciphers have a variable block size. RC4 is often used with 128-bit keys and is widely popular. RC4 can be exported out of the U.S. as long as its secret key lengths are 40 bits or less. Unfortunately the shorter key length makes it vulnerable to attacks.

The SSL protocol supports overlapping sets of cipher suites such as DES, 3DES, RC2 and RC4. SSL will use an RC4 128-bit key.  In addition, the protocol used in wireless LANs, WEP (Wired Equivalent Privacy), also uses RC4 where WEP uses a 40-bit key.

RC5 has a variable key size and can range from 0 bits to 2040 bits. And with RC6, the upper limit on the key size is also 2040 bits.