This article is a work in progress.

RC4-drop[n] variant

It was discovered that the first few bytes of the RC4 keystream leak information about the original key. To mitigate this vulnerability of the stream cipher a new algorithm variant was introduced, commonly referred to as RC4-drop[nn], where nn signifies a number of initial bytes of the keystream to be discarded.


While RC4 is remarkable for its simplicity and speed, multiple weaknesses have been discovered, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded (see RC4-drop[n] variant), or when non-random or related keys are used.