3.1.1 Modified Alleged RC4

This protocol uses a variation of the RC4 algorithm called Modified Alleged Rivest Cipher 4 (MARC4) algorithm.

RC4 algorithm is specified in [SCHNEIER].

MARC4 is different from RC4 as following:

Both encryption and decryption MUST use the initialization vector (IV), and IV MUST be the same size as the secret key.
A new random IV MUST be generated every time that the data is encrypted. A matching IV MUST be used every time that the data is decrypted.
The IV MUST be XOR-ed with the secret key, and the result MUST be used as the secret key for RC4.
The first 256 bytes of the key stream MUST be discarded. Subsequent bytes of the key stream MUST be used in the same manner as they are used with RC4.

Additional resources