Windows Forms: Encryption and Decryption using RC4 in C#

By FoxLearn 3/23/2024 1:53:07 AM   10.96K
This post shows you How to implement the RC4 (Rivest Cipher 4) algorithm in C# to encrypt and decrypt string.

RC4 (Rivest Cipher 4) is a symmetric stream cipher algorithm developed by Ron Rivest in 1987. It was initially a trade secret but was later leaked and became widely used in various security protocols and applications.

How to implement the RC4 algorithm in C#

Open your Visual Studio, then create a new Windows Forms Application project, then drag and drop the textbox, label and button from the Visual Studio toolbox onto your winform.

You can design a simple UI that allows you to encrypt and decrypt a string using the RC4 algorithm as shown below.

c# rc4 encryption algorithm

You can see the picture below, to see how the rc4 algorithm works.

rc4 algorithm

The output byte is selected by looking up the values of S(i) and S(j), adding them together modulo 256, and then looking up the sum in S, S(S(i) + S(j)) is used as a byte of the key-stream, K.

Here's a brief overview of how RC4 encryption and decryption work.


  1. Key Scheduling Algorithm (KSA): RC4 initializes a permutation array called "S-box" or "state". This state consists of 256 bytes (0-255) arranged in a random order based on the provided key.

  2. Pseudo-Random Generation Algorithm (PRGA): During encryption, RC4 generates a stream of pseudo-random bytes using the state generated in the previous step. This stream is then XORed with the plaintext to produce the ciphertext.


Decryption in RC4 is essentially the same process as encryption. Since RC4 is a stream cipher, encrypting and decrypting with the same key stream reverses the process. That is, to decrypt the ciphertext, you would XOR it with the same keystream generated during encryption.

RC4 is a symmetric key algorithm, meaning the same key is used for both encryption and decryption. It's simplicity and speed made it popular, especially in applications where efficiency is critical.

However, RC4 has some vulnerabilities, particularly related to its key scheduling algorithm. It's vulnerable to certain statistical biases, which can weaken its security if not properly mitigated.

Due to these vulnerabilities, RC4 is not recommended for use in new cryptographic protocols, and many organizations have deprecated its use in favor of more secure algorithms like AES (Advanced Encryption Standard).

We will implement the RC4 algorithm in c# by creating an RC4 method to encrypt your data using RC4 algorithm as shown below.

//c# encrypt string rc4
public string RC4(string input, string key)
    StringBuilder result = new StringBuilder();
    int x, y, j = 0;
    int[] box = new int[256];
    for (int i = 0; i < 256; i++)
        box[i] = i;
    for (int i = 0; i < 256; i++)
        j = (key[i % key.Length] + box[i] + j) % 256;
        x = box[i];
        box[i] = box[j];
        box[j] = x;
    for (int i = 0; i < input.Length; i++)
        y = i % 256;
        j = (box[y] + j) % 256;
        x = box[y];
        box[y] = box[j];
        box[j] = x;
        result.Append((char)(input[i] ^ box[(box[y] + box[j]) % 256]));
    return result.ToString();

RC4 algorithm performs encryption and decryption in c# with key. So you can add code to the Encrypt button click event as the following c# code.

Double-click on the Encrypt button, then add a click event handler allows you to encrypt string using RC4, then set the value to encrypt texbox control.

// c# rc4 encryption decryption example
private void btnEncrypt_Click(object sender, EventArgs e)
    txtEncrypt.Text = RC4(txtInput.Text, "123");

Double-click on the Decrypt button, then add a click event handler allows you to decrypt string using RC4, then set the value to decrypt texbox control.

// c# rc4 encryption decryption example
private void btnDecrypt_Click(object sender, EventArgs e)
    txtDecrypt.Text = RC4(txtEncrypt.Text, "123");

You can also use the RC4 algorithm to encrypt and decrypt password using c# code.