C Symmetric Stream Cipher

Does anyone have a good implementation of a stream cipher written in pure portable C? I am not terribly concerned with the strength of the cipher at this point in time because it is only for a proof of concept, but speed would be important. I've thought about just Xor'ing with a constant if I cannot find a decent stream cipher.

From stackoverflow

• Have you looked at OpenSSL? It has a secure implementation of a lot of cryptographic algorithms and primitives. You don't have to use it with anything network related. However, it's not really well documented or easy to learn. If you care a lot about security (for instance, if you are storing private user data such as credit cards) you should definitely use OpenSSL or some other secure implementation instead of rolling your own.

  Steven Behnke : RC4 in OpenSSL may work. I was kind of hoping to just have an implementation of the cipher in a stand alone C file rather than a whole library to import though.

• I got Blowfish going without much trouble. It claims to be faster than DES.

  Steven Behnke : Blowfish is a block cipher, not a stream cipher.

  Jason S : from wikipedia's http://en.wikipedia.org/wiki/Block_cipher : Stream ciphers can be built using block ciphers. OFB-mode and CTR mode are block modes that turn a block cipher into a stream cipher.

• For a pure POC application, you can quickly throw ROT13 into place. http://en.wikipedia.org/wiki/ROT13

  However, I'm very hesitant in making the suggestion since too frequently simple POC code that's meant to be replaced later never is...

  Steven Behnke : Yeah, I was hoping for something a little bit cryptographically stronger than Rot13 and I'm dealing with binary data not an ASCII byte stream.

  Brian Knoblauch : 3ROT128? :-) Sorry, couldn't help it. :-)

• RC4 is a very simple algorithm to implement.

  Check out Sterling Camden's implementation or Adam Back's implementation.

  Steven Behnke : Thanks. I'll give Rc4 a try.

• Here is an extremely basic implementation of a stream cipher in C. It is not, by any means meant to be secure. It simply illustrates how to perform the basic steps required.

  The real magic needs to be done in the CycleKey function, which generates new key values as each chunk of data is passed through the encryption stream.

  This example encrypts one char at a time. You would have to extend the concept to larger chunks of data for the encryption to be anywhere near secure. Once again, I have done this simply to illustrate the basic steps.

  Good luck with the project!

  #include <stdio.h>
  
  char staticKey;
  
  void CycleKey(char data)
  {
      /* this is where the real magic should occur */
      /* this code does *not* do a good job of it. */
  
      staticKey += data;
  
      if (staticKey & 0x80)
      {
          staticKey ^= 0xD8;
      }
      else
      {
          staticKey += 0x8B;
      }
  }
  
  void ResetCipher(const char * key)
  {
      staticKey = 0;
  
      while (*key)
      {
          CycleKey(*key);
          key++;
      }
  }
  
  void Encrypt(const char * plaintext, char * encrypted)
  {
      while (*plaintext)
      {
          *encrypted = *plaintext + staticKey;
  
          CycleKey(*encrypted);
  
          encrypted++;
          plaintext++;
      }
  
      *encrypted = '\0';
  }
  
  void Decrypt(char * plaintext, const char * encrypted)
  {
      while (*encrypted)
      {
          *plaintext = *encrypted - staticKey;
  
          CycleKey(*encrypted);
  
          plaintext++;
          encrypted++;
      }
  
      *plaintext = '\0';
  }
  
  int main(void)
  {
      char * key = "123";
      char * message = "Hello, World!";
      char encrypted[20];
      char decrypted[20];
  
      ResetCipher(key);
      Encrypt(message, encrypted);
  
      ResetCipher(key);
      Decrypt(decrypted, encrypted);
  
      printf("output: %s\n", decrypted);
  
      return 0;
  }
  

• See the ECRYPT eStream project. These are serious hardcore cryptographic algorithms judged by security experts. As far as I know all the candidate algorithms were required to include an implementation in pure C (not C++).

  edit: The great thing about that website is it goes into a lot of depth about the different algorithms, including their known weaknesses, and includes performance benchmarks as well.

  Steven Behnke : They don't seem to be available yet, unless I just can't find the link.

  Jason S : The links are there but are nonstandard (no underlining) -- they are the items in the tables. (mouse over and you should see the cursor change for a link)