[!! SPAM] Re: Is AES better than RC4
Joseph Ashwood
ashwood at msn.com
Wed May 24 07:05:14 EDT 2006
----- Original Message -----
From: "James A. Donald" <jamesd at echeque.com>
Subject: [!! SPAM] Re: Is AES better than RC4
> --
> Joseph Ashwood wrote:
> > RC4 should have been retired a decade ago,
>
> Why?
It is in general distuingable from random, actually quite quickly.
The first few bytes are so biased that any security is imaginary.
Using it securely requires so much in the way of heroic efforts that the
overall system slows down into the same speed class as a much simpler, more
secure design based on AES (or 3DES, or a dozen other ciphers).
The key anti-agility slows it down to the point of being functionally
unusable for any system that requires rekeying.
It's only redeeming factors are that the cipher itself is simple to write,
and once keyed it is fast. Neither of these is of any substantial use after
considering the previous major issues.
Joe
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list