RC4 [was: RE: Passport Passwords Stored in Plaintext]
Adam Shostack
adam at homeport.org
Mon Oct 22 10:04:10 EDT 2001
On Sun, Oct 21, 2001 at 04:11:19PM -0700, Jeff Simmons wrote:
| On Sunday 21 October 2001 02:52 pm, you wrote:
|
| >Designing protocols is a hard field, and
| >there seem to be lots of mistakes made when people use RC4. Is that
| >because its a bad cipher? No, its because people aren't used to
| >working with it. Because of that, I tend to look askew at RC4 based
| >systems.
|
| Are you referring to RC4 in particular, or streaming cyphers in
| general? And if it's just RC4, do you have a streaming cypher that
| you prefer to it?
Good question; the problems with RC4 have been a mix of not knowing
how to use stream ciphers ("Don't cross the streams!") and issues with
RC4 (needing to discard the first little chunk of stream as it gets up
to speed.
I've seen people go to RC4 for speed more than for its stream cipher
nature. I tend to push towards block ciphers, simply because we in
the public world have a lot more experience using them.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list