What is the key size range for the symmetric stream cipher RC4?

The key size range for the symmetric stream cipher RC4 is crucial for understanding its security and application. The correct range is between 8 and 2048 bits. One of the reasons this range is significant is that RC4 allows for a variety of key lengths, which means it can be more flexible in terms of both security strength and performance.

To achieve adequate security, however, many implementations use keys that are at least 128 bits, as shorter keys (like 8 bits or even 40 bits, which were used in some Internet protocols) are susceptible to brute-force attacks. The upper limit of 2048 bits provides a theoretical maximum that aligns with current encryption standards, while ensuring that the algorithm retains its usability in a range of scenarios.

In practical implementations, particularly in networking standards such as WEP (Wired Equivalent Privacy) and SSL (Secure Socket Layer), various key sizes were utilized, which is why understanding RC4's flexibility in key length is fundamental. This aspect of RC4 is what makes it widely discussed in security contexts, particularly before vulnerabilities were discovered that led to its decline in use.