Re: RARC C++ code

From: Mrsjunecarey (mrsjunecarey@aol.com)
Date: 01/22/03


From: mrsjunecarey@aol.com (Mrsjunecarey)
Date: 22 Jan 2003 13:29:48 GMT

Dear David,

>Well, I guess you'll have to decide whether your main goal is to find
>something emotionally satisfying and that You Like, or whether your main
>goal is to find something that maximizes the chances of being secure.

Well, when I wrote Caesarion, my goal was to find something secure.

And it's a well known fact that something which is simple has "less things to
go wrong" compared with something that is complicated.

Thus, I chose ARC4 in preference to Block Ciphers (which are complicated
beasts).

And when you use a good CSPRNG like ARC4 (or IBAA) with my Cipher-Packet
technique, the result is a Stream Cipher which is vastly more secure than a
Block Cipher (and which has a larger secret key space).

>Home-tweaked RC4 variants might achieve the former goal, but they're
>not going to help you reach the latter goal.
>

I've said this before in this thread. But for your benefit, I'll say it again.
I posted the code for RARC to see if any of you experts out there might find it
inspiring (due to its swap of two unknown positions).

Perhaps the concept behind RARC might inspire someone like Paul Crowley or Rick
Wash to develop a more secure variant of ARC4; i.e. people who have done a lot
more analysis of ARC4 than I have.

Cheers,
Robin

--
http://www.rcarey.org

