[314] in cryptography@c2.net mail archive
Re: standardizing key schedules
daemon@ATHENA.MIT.EDU (D.Mignone+C.Maeder)
Wed Feb 26 14:27:32 1997
Date: Wed, 26 Feb 1997 19:30:57 +0100
From: mignone@isi.ee.ethz.ch (D.Mignone+C.Maeder)
To: cryptography@c2.net
Cc: hal@rain.org, reinhold@world.std.com
> From: Hal Finney <hal@rain.org>
> If I understand what you're saying, this can't be true, since 256^256
> is not a multiple of 256!. So some permutations must be more likely
> than others with 256 byte random keys. However I think the bias would
> be vanishingly small.
We doubt that this bias will vanish. The permutation [255, 0, 1, 2, ..., 254]
will occur 2^255 ~ 0.57*10^77 times from the RC4 key schedule if you consider
256 byte random keys. The expected value for the occurence of each permutation
equals (256^256)/(256!) ~ 0.3*10^110. Therefore there is a factor of 10^33
between the mean value and this particular rare permutation.
Domenico & Christoph
