[10007] in cryptography@c2.net mail archive


Re: (A)RC4 state leakage

daemon@ATHENA.MIT.EDU (Sidney Markowitz)
Fri Dec 28 02:23:48 2001

From: Sidney Markowitz <sidney@sidney.com>
To: Damien Miller <djm@mindrot.org>
Cc: Cryptography Mailing List <cryptography@wasabisystems.com>
In-Reply-To: <Pine.LNX.4.33.0112281140131.1232-100000@mothra.mindrot.org>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Date: 27 Dec 2001 17:29:30 -0800
Message-Id: <1009502970.1645.3.camel@siddhasana>
Mime-Version: 1.0

Here's something by Ron Rivest about RC4 security that will give you a
simple overview before delving into the articles that Steve Bellovin
cited in his message. Note that Steve Bellovin's link includes the two
papers on RC4 weaknesses that Rivest references.

http://www.rsasecurity.com/rsalabs/technotes/wep.html


On Thu, 2001-12-27 at 16:42, Damien Miller wrote:
> The common wisdom when using (A)RC4 as a PRNG seems to be to discard
> the first few bytes of keystream it generates as it may be correlated
> to the keying material.





---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
