Re: reflecting on RC4


John Kelsey (kelsey@plnet.net)
Wed, 17 Feb 1999 06:35:35 -0600


-----BEGIN PGP SIGNED MESSAGE-----

[ To: CodherPlunks ## Date: 02/17/99 ##
  Subject: reflecting on RC4 ]

>Date: Wed, 17 Feb 1999 00:21:45 -0800
>To: CodherPlunks@toad.com
>From: Alex Alten <Alten@Home.Com>
>Subject: reflecting on RC4

>Correct me if I'm wrong, but doesn't RC4's strength drop to
>a maximum of 16 bits with a chosen plaintext attack? The
>chosen plaintext would be the first 256 bytes enciphered.

Hmmm. RC4 is a keystream generator. You give it a key, it
sets up and starts cranking out random-looking bytes. A
chosen-plaintext attack on such a system is equivalent to a
known-plaintext attack. So no, I don't think there is any
such attack. But if there is, I'd sure like to see it.

Is it possible you're thinking of some variant of RC4 with
ciphertext or plaintext feedback? I've seen such variants
proposed, and they're generally *very* weak. There's just
not enough stuff going on in RC4 to give you any protection
once you start letting an attacker choose inputs to
manipulate your RC4 byte permutation state. (This whole
thing leads me to suspect that it ought to be cheaper to run
a block cipher in a stream-ciphering mode than to run it in
a normal block ciphering mode. It just ought to take fewer
rounds when you only have to worry about known-plaintext
attacks, if even those.)

>- Alex

- --John Kelsey, kelsey@counterpane.com / kelsey@plnet.net
NEW PGP print = 5D91 6F57 2646 83F9 6D7F 9C87 886D 88AF

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>

-----END PGP SIGNATURE-----
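The point in the reply above, that a chosen-plaintext attack on a pure keystream generator gives nothing beyond a known-plaintext attack, is shown here as an added example that is not part of the original message. The `feedback=True` branch is a hypothetical plaintext-feedback variant constructed for this illustration (not any specific published proposal), and the key and plaintexts are constructed sample values.

```python
# Added illustration; the feedback variant is a constructed, hypothetical design.
def ksa(key: bytes) -> list:
    """RC4 key schedule: a key-dependent permutation of 0..255."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S

def encrypt(key: bytes, pt: bytes, feedback: bool = False) -> bytes:
    """Standard RC4 when feedback=False.

    feedback=True is a HYPOTHETICAL plaintext-feedback variant (an assumption
    made for this example): each plaintext byte is added into the index j, so
    the data being encrypted steers the swaps of the permutation state.
    """
    S, i, j, out = ksa(key), 0, 0, bytearray()
    for p in pt:
        i = (i + 1) & 0xFF
        j = (j + S[i] + (p if feedback else 0)) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(p ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def recovered_keystream(key: bytes, pt: bytes, feedback: bool = False) -> bytes:
    """What someone holding a plaintext/ciphertext pair learns: ct XOR pt."""
    ct = encrypt(key, pt, feedback)
    return bytes(c ^ p for c, p in zip(ct, pt))

KEY = b"Key"                    # constructed sample key
CHOSEN = bytes(16)              # constructed "chosen" plaintext: all zeros
KNOWN = b"attack at dawn!!"     # constructed "known" plaintext, same length

def keystream_is_data_independent(feedback: bool) -> bool:
    """True if both plaintexts expose the identical keystream."""
    return (recovered_keystream(KEY, CHOSEN, feedback)
            == recovered_keystream(KEY, KNOWN, feedback))

if __name__ == "__main__":
    print("plain RC4       :", keystream_is_data_independent(False))
    print("feedback variant:", keystream_is_data_independent(True))
```

With plain RC4 both plaintexts reveal the same keystream bytes, so choosing the input adds nothing; in the feedback variant the revealed bytes depend on the input, which is the state manipulation the reply warns about.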



The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:27