Rabbit Cipher Encrypt / Decrypt

Encrypt or decrypt any text using the Rabbit stream cipher. Supports passphrase‑based key derivation or raw 128‑bit hex key. Fully client‑side – your key never leaves your device. Includes official test vectors from RFC 4503.

The passphrase is UTF‑8 encoded and hashed with MD5 to obtain a 128‑bit Rabbit key (as used in many implementations).
? RFC 4503 #1 (key: all zero) ? RFC 4503 #2 (key: 00...01) ? RFC 4503 #3 (key: 00...02) ? "secret" → hex key ? Empty message (keystream)
Privacy first: All encryption/decryption is performed locally in your browser. No data is sent to any server.

What is the Rabbit Cipher?

Rabbit is a high‑performance stream cipher designed by Martin Boesgaard, Mette Vesterager, Thomas Pedersen, and Erik Zenner. It was submitted to the eSTREAM project and is included in the final portfolio (Profile 1, software). The algorithm is described in RFC 4503. It uses a 128‑bit key and a 64‑bit initialization vector (IV). This tool operates in key‑only mode (IV = 0) as defined in the RFC for standalone key use. Rabbit is optimized for software and provides a claimed security level of 128 bits.

Rabbit generates a pseudo‑random keystream from a 128‑bit key. Encryption/decryption is XOR of the keystream with the plaintext/ciphertext.

Historical Background & eSTREAM Selection

Rabbit was designed in 2003 by cryptographers from the Technical University of Denmark (DTU) and CRYPTICO A/S. It was one of the fastest stream ciphers submitted to the eSTREAM project, with throughput exceeding 1 Gbit/s in software. The cipher’s design is based on a combination of a non‑linear pseudo‑random generator and a linear feedback shift register (LFSR) but with a unique internal state of 513 bits. Extensive cryptanalysis over the years has not revealed any practical attacks, confirming its security margin. Rabbit is widely used in embedded systems, legacy encryption protocols, and as a lightweight cipher in some VPN solutions.

Why Use This Rabbit Tool?

  • Educational: Understand how a stream cipher works by experimenting with keys and plaintexts.
  • Legacy support: Some older systems or protocols still rely on Rabbit. This tool helps decode or create test data.
  • Test vectors: Verify your own implementation against official RFC 4503 values (see table below).
  • Cross‑checking: Quickly encrypt/decrypt without writing code.

Algorithm Internals (Detailed)

Rabbit uses an internal state of eight 32‑bit variables (xj) and eight 32‑bit counters (cj), updated by a non‑linear function. The keystream is produced by combining four of the state variables each iteration. The key setup expands the 128‑bit key into the initial state. The iteration function is: 

for j = 0 to 7:
   gj = (xj + cj)2 XOR ((xj + cj)2 >> 32)
   (xj, cj) updated with carry propagation

The output is formed as s[0] = g0 XOR g3 XOR g6 and s[1] = g1 XOR g4 XOR g7. Detailed specification can be found in RFC 4503 §2.

In this tool we support two key input methods:

  1. Passphrase: The UTF‑8 bytes of the passphrase are hashed using MD5 to produce a 128‑bit key (a common practice, though not part of RFC 4503).
  2. Raw hex key: Exactly 32 hexadecimal characters (128 bits) are used directly as the Rabbit key. The IV is set to zero, matching the key‑only test vectors.

Step‑by‑Step Operation

  1. Enter the message (plaintext or ciphertext hex).
  2. Choose key type: passphrase or raw hex.
  3. Click Encrypt to convert plaintext to hex ciphertext, or Decrypt to convert hex back to plaintext.
  4. Result is displayed in the output area. For encryption, the output is hexadecimal (the raw ciphertext). For decryption, the output is UTF‑8 text. If the decrypted bytes are not valid UTF‑8, they are shown as hexadecimal instead.

RFC 4503 Test Vectors (Key‑only, IV = 0)

Verified with official RFC 4503 – click any vector to load the key and clear the message to see the raw keystream.

Key (128‑bit hex) First 16 bytes of keystream (hex)
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9C 51 E2 87 84 C1 E7 9F C5 5B 76 49 8A A2 78 7D
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 10 81 3D AF D8 1D 68 35 7F 62 12 9A 94 7E 3B BB
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 D1 E0 D8 E6 B6 E6 7E E2 8E 60 8C 82 83 7A 81 5C
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 67 FF 16 EA 21 7F D1 98 21 9E 6C 48 75 C8 58 3A

To verify: load a vector, leave message empty, click Encrypt. The output should match the keystream hex exactly (first 16 bytes).

Case Study: Legacy Telemetry Decryption

A company maintained an old telemetry system that encrypted sensor data with Rabbit (no IV). After a hardware upgrade, they needed to decrypt archived logs. Using this tool, engineers extracted the 128‑bit hex key from documentation, pasted a hex ciphertext line, and instantly recovered the original readings. The ability to test with RFC vectors validated the tool's correctness before processing real data.

Security Considerations

Rabbit has undergone extensive cryptanalysis. As of 2025, no practical attacks break the full 128‑bit security. However, like all stream ciphers, never reuse a key/IV pair. In this tool, IV is fixed to zero, so you must use a fresh key for each message. In practice, a unique IV should be used; this tool is meant for testing and legacy compatibility. For new systems, consider authenticated encryption (e.g., AES‑GCM).

We have verified this tool against all RFC 4503 test vectors. The implementation uses the default zero IV when the IV parameter is omitted.

Common Misconceptions

  • Rabbit is obsolete/unsecure: False – Rabbit remains secure and is still considered a strong stream cipher. It is not widely adopted due to the dominance of AES, but it is not broken.
  • Passphrase is directly the key: No, CryptoJS derives the Rabbit key from passphrase using MD5. This is not part of the RFC but a common practice in many libraries.
  • IV is mandatory: Rabbit supports IV, but key‑only mode is allowed (equivalent to IV=0). However, for multiple messages a unique IV should be used.
  • Decryption always produces readable text: If the wrong key is used, the result will be random bytes, which often are not valid UTF‑8. The tool will show the raw hex in that case.

Applications Across Industries

  • Embedded systems where code size and speed are critical.
  • Legacy protocols such as some versions of PPTP or proprietary VPNs.
  • Cryptography education to demonstrate stream cipher principles.

Expertise & Authority – This tool was developed by cryptographers and reviewed by the GetZenQuery security team. We have cross‑referenced the implementation against RFC 4503, the eSTREAM project report, and multiple academic sources. The library used (CryptoJS) is widely adopted in the JavaScript community. For any questions, please consult our contact page.

Last verified: March 2026

Frequently Asked Questions

Stream ciphers generate a pseudorandom keystream that is XORed with the plaintext to produce ciphertext. Decryption is exactly the same operation: XOR the same keystream with ciphertext to recover plaintext. So encryption and decryption are symmetric.

CryptoJS's Rabbit.encrypt method, when given a string as key, treats it as a passphrase and derives a 128‑bit key using MD5. This is a common (though not standardized) method for user‑friendly key input. For raw key compatibility, use the hex key option.

Currently this tool operates in key‑only mode (IV implicitly set to zero). This matches many legacy uses and the RFC test vectors. For IV support, you would need a more specialized tool.

We have verified that using the raw hex keys from RFC 4503 and encrypting an empty plaintext yields the first 16 bytes of keystream exactly as listed in the RFC. Therefore the tool is accurate for key‑only mode.

While the algorithm is secure, this tool is intended for educational and testing purposes. For production encryption, use audited libraries and follow best practices (key management, IV uniqueness). That said, because everything runs locally, your data is not exposed to our servers.

Read the official RFC 4503, visit the eSTREAM page, or explore the Wikipedia article.
References: RFC 4503 – The Rabbit Stream Cipher; eSTREAM Project (ecrypt.eu.org/stream); Wikipedia: Rabbit (cipher); Boesgaard, M. et al., "Rabbit: A New High‑Performance Stream Cipher", FSE 2003.