Deprecation Announcement: RC2

    • As part of our ongoing effort to maintain the highest level of security and performance, we are announcing the upcoming deprecation of RC2 from wolfCrypt. All of our products depend on wolfCrypt for their algorithm implementations so this could have consequences across our whole product line.

    What is RC2?

    RC2 is a symmetric-key block cipher that was widely used in the past for data encryption. Developed in 1987 by Ron Rivest, RC2 is now over 35 years old.

    Why is RC2 being deprecated?

    The main reasons for deprecating RC2 are:

    • Security vulnerabilities: RC2 has been shown to be vulnerable to certain attacks, such as brute-force attacks and side-channel attacks.
    • Limited key size: RC2’s key size is limited to 64 bits, which is considered too small for modern cryptographic purposes.
    • Better alternatives available: TLS 1.3 forbids RC2 and now there are more secure and efficient cryptographic algorithms available, such as AES and ChaCha20.
    • Regulatory requirements: The NSA has made it clear, RC2 is now obsolete. Learn more

    What does this mean for our users?

    We will soon be deprecating RC2 in our products and services. This means that:

    • New versions of wolfCrypt: RC2 will no longer be available in future version of wolfCrypt. Are you using protocols that require RC2? Does this break compatibility with peers you communicate with? Let us know by sending a message to support@wolfssl.com
    • Existing deployments: We will provide a transition period for existing deployments to migrate to a more secure algorithm.
    • Support: We will no longer provide support for RC2-related issues, but we will make suggestions to help ease your transition.

    What are the recommended alternatives?

    We recommend using more secure and efficient cryptographic algorithms, such as:

    • AES: A widely used and highly secure symmetric-key block cipher.
    • ChaCha20: A fast and secure stream cipher.

    We encourage our users to start planning their migration to a more secure algorithm as soon as possible.

    If you have any questions or concerns, please don’t hesitate to reach out to facts@wolfSSL.com or call us at +1 425 245 8247.

    Download wolfSSL Now