(A)RC4 state leakage

Sidney Markowitz sidney at sidney.com
Thu Dec 27 20:29:30 EST 2001


Here's something by Ron Rivest about RC4 security that will give you a
simple overview before delving into the articles that Steve Bellovin
cited in his message. Note that Steve Bellovin's link includes the two
papers on RC4 weaknesses that Rivest references.

http://www.rsasecurity.com/rsalabs/technotes/wep.html


On Thu, 2001-12-27 at 16:42, Damien Miller wrote:
> The common wisdom when using (A)RC4 as a PRNG seems to be to discard
> the first few bytes of keystream it generates as it may be correlated
> to the keying material.





---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



