Columbia crypto box
Bill Frantz
frantz at pwpconsult.com
Mon Feb 10 19:02:33 EST 2003
At 1:26 PM -0800 2/10/03, David Wagner wrote:
>It's hard to believe that RC4 was chosen for technical reasons.
>The huge cost of key setup per packet (equivalent to generating 256
>bytes of keystream and then throwing it away) should dominate the other
>potential advantages of RC4.
The technical reasons people might chose RC4 for an embedded application
like 802.11 WEP include:
* Code size so close to zero as to make no never mind.
* Intermediate data size so close to zero as to make no never mind.
* Fast key setup (Forget tossing the 256 bytes of key stream.
The designers weren't crypto engineers. Personally, I'd toss the
first 1024.)
* Fast encrypt/decrypt.
* Commonly used in respected security applications (e.g. SSL).
>In any case, WEP would clearly look very different if it had been designed
>by cryptographers, and it almost certainly wouldn't use RC4. Look at
>CCMP, for instance: it is 802.11i's chosen successor to, and re-design
>of, WEP. CCMP uses AES, not RC4, and I think that was a smart move.
I agree. WEP is what you get when you don't seek public review.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Due process for all | Periwinkle -- Consulting
(408)356-8506 | used to be the Ameican | 16345 Englewood Ave.
frantz at pwpconsult.com | way. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list