So after spending a few years working first on an encrypted proxy solution and then moving to an encrypted tunnel solution, I’ve carried forward this highly modified version of the RC4 stream cipher, trying to tune it up and make improvements to it over time. This latest version includes the following features over the original version.
ARCF-DROP-INIT-CBCX-AUTH
- Extended key state generation algorithm (KSGA) to shuffle and drop the first 768 bytes
- Enhanced KSGA to incorporate and weight both the secret key and a 256-bit initialization vector
- Added IV can also include a 40-bit increasing counter to help prevent replay attacks
- Core crypto allows for Cipher Byte Chaining, which will XOR the last output byte with the next input byte
- Core crypto loop also mixes in the IV and the CBC byte values into the key state
- The key state itself is never directly used but instead only the XOR of two other key state byte index values
- The IV is then encrypted by the unique key state to provide a trailing 256-bit authentication hash tag
[C Snippet]
Source Code: https://github.com/stoops/vpn/blob/main/lib/enc.c
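
The first item in the list builds on the published RC4-drop[n] idea of discarding the start of the keystream. The added example here (not the code from enc.c and not the author's algorithm) shows that step on textbook RC4 with a 768-byte drop, checked against the widely published Key/Plaintext vector. It assumes the drop is applied to keystream output after the standard key schedule; the IV weighting, byte chaining and tag are not modelled, and the second key string is constructed.

```c
/* Added example: textbook RC4 with a keystream drop (RC4-drop[n]); not enc.c. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef struct { uint8_t s[256]; uint8_t i, j; } rc4_ctx;

static uint8_t rc4_next(rc4_ctx *c) {
    uint8_t t;
    c->i = (uint8_t)(c->i + 1);
    c->j = (uint8_t)(c->j + c->s[c->i]);
    t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
    return c->s[(uint8_t)(c->s[c->i] + c->s[c->j])];
}

/* Standard key schedule, then discard the first `drop` keystream bytes. */
void rc4_init(rc4_ctx *c, const uint8_t *key, size_t klen, size_t drop) {
    uint8_t j = 0, t;
    for (int n = 0; n < 256; n++) c->s[n] = (uint8_t)n;
    for (int n = 0; n < 256; n++) {
        j = (uint8_t)(j + c->s[n] + key[n % klen]);
        t = c->s[n]; c->s[n] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
    while (drop--) (void)rc4_next(c);
}

void rc4_xor(rc4_ctx *c, const uint8_t *in, uint8_t *out, size_t len) {
    for (size_t n = 0; n < len; n++) out[n] = in[n] ^ rc4_next(c);
}

/* 1 if drop=0 reproduces the widely published RC4 vector Key/Plaintext. */
int rc4_known_vector_ok(void) {
    static const uint8_t want[9] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};
    uint8_t out[9]; rc4_ctx c;
    rc4_init(&c, (const uint8_t *)"Key", 3, 0);
    rc4_xor(&c, (const uint8_t *)"Plaintext", out, 9);
    return memcmp(out, want, 9) == 0;
}

/* 1 if drop=768 yields exactly keystream bytes 768.. of the undropped cipher. */
int rc4_drop_skips_prefix(void) {
    uint8_t zeros[784] = {0}, full[784], tail[16]; rc4_ctx a, b;
    rc4_init(&a, (const uint8_t *)"constructed-key", 15, 0);
    rc4_xor(&a, zeros, full, sizeof full);
    rc4_init(&b, (const uint8_t *)"constructed-key", 15, 768);
    rc4_xor(&b, zeros, tail, sizeof tail);
    return memcmp(full + 768, tail, 16) == 0;
}
```

Checking the zero-drop path against a published vector before enabling the drop confirms the base cipher is intact, so any later modification can be tested as a delta from a known-good state.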
