Quiz Entry - updated: 2026.07.14
Name two well-known stream ciphers and their status.
RC4 (now broken and deprecated) and ChaCha20 (modern, secure, widely used in TLS 1.3).
The trajectory is the real lesson here: the early popular designs (RC4, the GSM A5 family) leaked statistical structure in their keystreams and were eventually broken, so the field moved to designs like ChaCha20 that are built for conservative security margins and fast, constant-time software implementations.
RC4 (Rivest Cipher 4):
- Designed by Ron Rivest in 1987
- Was extremely popular (used in WEP, SSL/TLS, WPA-TKIP)
- Broken — statistical biases in the keystream were discovered
- Banned from TLS since 2015 (RFC 7465)
ChaCha20:
- Designed by Daniel Bernstein (2008)
- Used in TLS 1.3 (paired with Poly1305 for authentication → ChaCha20-Poly1305)
- Fast in software (no need for hardware AES instructions)
- Preferred on mobile devices without AES-NI support
A5/1 and A5/2:
- Used in GSM mobile phone encryption
- Both broken — A5/2 was intentionally weakened for export
Go deeper:
RC4 (Wikipedia) — the biases that broke the once-ubiquitous cipher.
Salsa20 / ChaCha20 (Wikipedia) — Bernstein's modern, fast, constant-time stream ciphers.
RFC 7465 — Prohibiting RC4 Cipher Suites — the IETF ban on RC4 in TLS (2015).