RC4 [was: RE: Passport Passwords Stored in Plaintext]
Adam Shostack
adam at homeport.org
Sun Oct 21 17:52:10 EDT 2001
On Thu, Oct 11, 2001 at 01:31:36AM -0700, jamesd at echeque.com wrote:
| On 8 Oct 2001, at 11:37, Ray Dillinger wrote:
| > In which case, what you've got isn't RC4 anymore
|
| You do not understand encryption.
|
| RC4 is an encryption method, that needs to be part of a
| protocol. The protocol can be designed correctly or
| incorrectly, but either way it is still a protocol that uses
| RC4.
|
| In the usual protocols that contain RC4, each session has a
| new transient session key. The fact that RC4 leaks a small
| amount of information about that session key is unimportant
| in such protocols.
|
| RC4 is like a brick that can be used to build a house.
I'd say that RC4 is like one of those cool, semi-opaque glass bricks.
Not in the sense that it is weak (you can put quite a bit of load on a
wall of those) but in the sense that it is different than your typical
dried-mud sort of brick. Designing protocols is a hard field, and
there seem to be lots of mistakes made when people use RC4. Is that
because it's a bad cipher? No, it's because people aren't used to
working with it. Because of that, I tend to look askew at RC4-based
systems.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com