[Cryptography] Fwd: OPENSSL FREAK

Ryan Carboni ryacko at gmail.com
Mon Apr 6 12:11:58 EDT 2015

What do you want, he's part of the IETF TLS faction that thinks RC4 is
insecure, because one guy is selectively using math to attack RC4 in a
fashion no one would ever actually attempt.

I'll just reiterate what I previously posted to this mailing list:

> A 2^24 attack is impressive.
> Now... let's see... going through a list of 70,000,000 passwords
>  log(70,000,000)/log(2)=26 bits.
> but many passwords aren't unique, and many are more common than others
> and could be cross referenced with other databases of usernames and
> passwords, as well as maybe an automated search of a user's social media
> preference to determine their pets and interests....
> I think cryptography is suffering from an excessive focus on math.
But whatever.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150406/8838257c/attachment.html>

More information about the cryptography mailing list