Columbia crypto box
Steven M. Bellovin
smb at research.att.com
Mon Feb 10 23:03:11 EST 2003
In message <3E487440.5050005 at tolstoy.uwaterloo.ca>, "Paul A.S. Ward" writes:
>Is it really fair to blame WEP for not using AES when AES wasn't around
>when WEP was being created?
>
Of course they couldn't have used AES. But there are other block
ciphers they could have used. They could have used key management.
They could have added a MAC. They could have used a longer "IV" field,
with a random starting point mandated by the spec. Or they could have
put a big warning on saying "this doesn't protect you from very much".
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list