RC4 Decryption
Decrypt RC4 text or files online using passphrases, optional PBKDF2 or EvpKDF key derivation, and configurable drop bytes. Expand to read more.
RC4 decryption online
RC4 decryption generates the same keystream used during encryption and XORs it with the ciphertext. RC4 is an obsolete stream cipher with known statistical biases, and RFC 7465 prohibits its use in TLS. This page is intended for compatible legacy ciphertext and test data.
How to use this tool
Paste Hex or Base64 ciphertext, or choose a local file. Enter the exact key bytes or reproduce the passphrase KDF, hash, iterations, salt-dependent format, and derived-key size. Set the same Drop byte count used during encryption, then view or download the recovered data.
Matching cipher parameters
Settings must match the source implementation or RC4 encryption. Hex and Base64 represent ciphertext bytes and do not describe the key derivation or Drop variant. RC4 has no block mode, padding, or IV in this tool.
Security warning
Use RC4 only for legacy recovery or interoperability. Dropping early keystream bytes does not make the cipher secure for new data. Prefer a modern authenticated format such as AES decryption when available, and do not process sensitive data on an untrusted device or browser.
Frequently asked questions
Why can I not recover the original plaintext?
Compare the Drop value, raw key or passphrase, KDF, hash, salt, iterations, derived-key size, ciphertext encoding, and expected plaintext encoding. A wrong setting commonly returns meaningless bytes without an error.
Does encryption detect tampering?
No. RC4 has no authentication tag, so successful or readable output does not prove that the ciphertext is genuine or unchanged.