Fast MAC algorithms?

Joseph Ashwood ashwood at msn.com
Sun Aug 2 07:07:51 EDT 2009


--------------------------------------------------
From: "James A. Donald" <jamesd at echeque.com>
Subject: Re: Fast MAC algorithms?

> Joseph Ashwood wrote:
>>>> RC-4 is broken when used as intended.
>> ...
>>>> If you take these into consideration, can it be used "correctly"?
>
> James A. Donald:
>>> Hence "tricky"
>
> Joseph Ashwood wrote:
>> By the same argument a Vigenere cipher is "tricky" to use securely, same
>> with monoalphabetic and even Caesar. Not that RC4 is anywhere near the
>> brokenness of Vigenere, etc., but the same argument can be applied, so the
>> argument is flawed.
>
> You cannot use a Vigenere cipher securely. You can use an RC4 cipher
> securely:  To use RC4 securely discard the first hundred bytes of output,
> and renegotiate the key every gigabyte.

The way to use a Vigenere securely is to apply an All-Or-Nothing-Transform 
to the plaintext, then encrypt; this results in the attacker entropy of the 
system that is in excess of the size, and therefore an OTP. There are other 
ways, but this method is not significantly more complex than the efforts 
necessary to secure RC4 and results in provable secrecy. It is just tricky 
to use a Vigenere securely.
                    Joe 

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com