Requesting feedback on patched RC4-variant

Nikita Borisov nikitab at
Tue Apr 24 13:47:19 EDT 2001

In article < at>,
Greg Rose  <ggr at> wrote:
>As Perry points out, you need integrity protection anyway, whether using 
>RC4 or not. But I'd like to point out that this is one of the few things 
>*not* really wrong with WEP. Remember that the signal is being send using 
>DSSS (Direct sequence spread spectrum, similar to CDMA digital phones) and 
>the chances of an attacker being able to change just one bit, or a targeted 
>selection of bits, in a message, is essentially zero.

Of course it's difficult to modify a message while it's in transit.
However, WEP does not prevent replay attacks, so it is possible to
replay a previously transmitted frame with appropriate modifications.
Some people have also suggested tricks to me that can ensure that the
original message never gets received, if that is a concern.  I stand by
the claim that integrity protection is important in a protocol such as

- Nikita

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list