[Cryptography] RC4 and SHA2

Hanno Böck hanno at hboeck.de
Thu Aug 27 15:52:59 EDT 2015


On Thu, 27 Aug 2015 08:18:28 -0700
"Hubert A. Le Van Gong" <hubert at levangong.org> wrote:

> Are there any cryptographic reasons that would forbid a (TLS) 
> ciphersuite to combine RC4 and a SHA2 MAC?

You need to be more precise with the question: What do you mean by
"forbid"?
There is no technical reason that would prevent that. Right now, as
far as I know, RC4 is specified with SHA1 and MD5 MACs; you could replace
that with SHA2, which would increase your MAC blocks, but it's certainly
possible.

But of course it would suffer from all the known attacks on RC4. And
there is an RFC "forbidding" RC4.
Also, there is pretty much agreement that future TLS ciphers should have
AEAD modes. So even if RC4 wasn't broken, your new construction probably
wouldn't be welcomed.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno at hboeck.de
GPG: BBB51E42
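
The two points in the reply above (RC4 suites are prohibited, and new suites are expected to be AEAD) can be turned into a configuration check. The following is an added example, not part of the original message: it parses IANA-style suite names and reports the HMAC tag size for non-AEAD suites. The function names are hypothetical, the sample list is constructed, and `TLS_RSA_WITH_RC4_128_SHA256` is a made-up name standing in for the combination asked about (assumed not to be a registered suite).

```python
# Added example: classify TLS cipher suite names by RC4 use and AEAD support.
AEAD_MARKERS = ("GCM", "CCM", "POLY1305")
# HMAC output size in bytes for the MAC named at the end of a non-AEAD suite.
MAC_BYTES = {"MD5": 16, "SHA": 20, "SHA256": 32, "SHA384": 48}

def classify_suite(name):
    """Describe one suite name: RC4 use, AEAD, MAC tag size, verdict."""
    body = name.split("_WITH_", 1)[-1]      # TLS 1.3 names have no _WITH_
    if body.startswith("TLS_"):
        body = body[len("TLS_"):]
    tokens = body.split("_")
    rc4 = "RC4" in tokens
    aead = any(t in AEAD_MARKERS for t in tokens)
    # For AEAD suites the trailing hash is the PRF hash, not a record MAC.
    mac_bytes = None if aead else MAC_BYTES.get(tokens[-1])
    if rc4:
        verdict = "reject"                  # RC4 is prohibited (RFC 7465)
    elif aead:
        verdict = "ok"
    else:
        verdict = "legacy"                  # separate HMAC, no AEAD mode
    return {"rc4": rc4, "aead": aead, "mac_bytes": mac_bytes, "verdict": verdict}

def audit(names):
    """Return (name, verdict) for every suite that is not an AEAD suite."""
    results = [(n, classify_suite(n)["verdict"]) for n in names]
    return [r for r in results if r[1] != "ok"]

# Constructed sample configuration; the fourth entry is the hypothetical
# RC4 + SHA2 combination from the question.
SAMPLE = [
    "TLS_RSA_WITH_RC4_128_MD5",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_RSA_WITH_RC4_128_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    for suite in SAMPLE:
        print(suite, classify_suite(suite))
```

Swapping the MAC changes only the tag size (16 or 20 bytes to 32); the suite is still rejected because the RC4 check does not depend on the MAC.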