[Cryptography] RC4 again (actual security, scalability and other discussion)

James A. Donald jamesd at echeque.com
Sat Mar 8 18:58:09 EST 2014

On 2014-03-08 20:57, Miroslav Kratochvil wrote:
>  From all sources I have ever seen I can say that RC4 itself is not
> broken. I'm usually proving and explaining that fact to everyone quite
> successfully, but it's always better if you ask someone else about his
> opinion. That is, as you can now probably see, roughly the whole purpose
> of this post. If you find any errors in following statements, please
> report them.

Arc4 is not broken.  It has known weaknesses, and must be used correctly 
in the light of these known weaknesses.  It frequently is not used 

This is similar to the debate on garbage collected languages.  You can 
easily cut yourself using a sharp tool, but sharp tools have their 
proper place.

More information about the cryptography mailing list