Re: Q: One-way functions
From: Paul Crowley (paul@JUNKCATCHER.ciphergoth.org)
Date: 04/01/03
- Next message: Matfys: "Re: Cracking cypher:help"
- Previous message: Paul Crowley: "Re: ATTN: ELYSEE DAGAN re: 2nd email"
- In reply to: David A Molnar: "Re: Q: One-way functions"
- Next in thread: Douglas A. Gwyn: "Re: Q: One-way functions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Paul Crowley <paul@JUNKCATCHER.ciphergoth.org> Date: Tue, 01 Apr 2003 09:30:08 GMT
David A Molnar <dmolnar@fas.harvard.edu> writes:
> Alleged RC4 is probably the most well-known candidate for a PRG,
> and yet we know it's certainly not pseudorandom unless at least the
> first 512 bytes are discarded. I find that a little bit less of
> an issue, since you can say "RC4 used 'properly' instantiates a PRG
> as far as we know."
Fluhrer and McGrew's attack will distinguish RC4 from a random stream
given 2^30 bytes no matter how much keystream you discard.
--
Paul Crowley
sig@paul.ciphergoth.org
http://www.ciphergoth.org/
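The two things the exchange turns on are RC4-drop[n] (the "used properly" fix Molnar alludes to) and the Fluhrer-McGrew digraph biases, which are keystream-position-independent and so survive any drop. The following is an added example, not code from either poster: RC4 with a drop parameter, and the digraph-count statistic their distinguisher is built on. The bias table inside fm_class is reproduced from memory of Fluhrer and McGrew's FSE 2000 paper and should be checked against it before being relied on; the key and the byte counts are constructed for the example.

```c
/* Added example (not from the original post): RC4 with a drop[n] prefix and the
 * digraph-frequency statistic underlying the Fluhrer-McGrew distinguisher.
 * Build: cc -O2 -o fm fm.c    Run: ./fm $((1 << 30))   (Crowley's 2^30 bytes) */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef struct { uint8_t S[256]; uint8_t i, j; } rc4_t;

/* RC4 key schedule, exactly as published. */
static void rc4_init(rc4_t *c, const uint8_t *key, size_t klen) {
    uint8_t j = 0;
    for (int k = 0; k < 256; k++) c->S[k] = (uint8_t)k;
    for (int k = 0; k < 256; k++) {
        j = (uint8_t)(j + c->S[k] + key[k % klen]);
        uint8_t t = c->S[k]; c->S[k] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* PRGA: one keystream byte. Afterwards c->i is the index i that produced it
 * (the first byte of a fresh keystream is produced with i = 1). */
static uint8_t rc4_next(rc4_t *c) {
    c->i = (uint8_t)(c->i + 1);
    c->j = (uint8_t)(c->j + c->S[c->i]);
    uint8_t t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
    return c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
}

/* RC4-drop[n]: discard the first n bytes, the "used properly" fix in the thread. */
static void rc4_drop(rc4_t *c, size_t n) { while (n--) (void)rc4_next(c); }

/* Fill out[] with len bytes after dropping `drop`; returns the i that produced
 * out[0], which the digraph scan needs to know. */
static uint8_t rc4_keystream(const uint8_t *key, size_t klen, size_t drop,
                             uint8_t *out, size_t len) {
    rc4_t c; rc4_init(&c, key, klen); rc4_drop(&c, drop);
    uint8_t i0 = (uint8_t)(c.i + 1);
    for (size_t k = 0; k < len; k++) out[k] = rc4_next(&c);
    return i0;
}

/* Bias class of digraph (a,b) whose first byte came out with index i, following
 * the Fluhrer-McGrew table (FSE 2000) as recalled here; verify against the paper.
 * +2: Pr = 2^-16(1+2^-7)  +1: 2^-16(1+2^-8)  -1: 2^-16(1-2^-8)  0: no known bias */
static int fm_class(uint8_t i, uint8_t a, uint8_t b) {
    uint8_t i1 = (uint8_t)(i + 1), i2 = (uint8_t)(i + 2);
    if (a == 0   && b == 0)                          return i == 1 ? 2 : (i != 255);
    if (a == 0   && b == 1   && i != 0 && i != 1)    return 1;
    if (a == i1  && b == 255 && i != 254)            return 1;
    if (a == 255 && b == i1  && i != 1 && i != 254)  return 1;
    if (a == 255 && b == i2  && i != 0 && i < 253)   return 1;
    if (a == 255 && b == 0   && i == 254)            return 1;
    if (a == 255 && b == 1   && i == 255)            return 1;
    if (a == 255 && b == 2   && i <= 1)              return 1;
    if (a == 129 && b == 129 && i == 2)              return 1;
    if (a == 255 && b == 255 && i != 254)            return -1;
    if (a == 0   && b == i1  && i != 0 && i != 255)  return -1;
    return 0;
}

/* Class sizes per i as fractions of the 2^16 digraphs: exact uniform-stream expectations. */
static double pos_frac[256], neg_frac[256];
static void fm_setup(void) {
    for (int i = 0; i < 256; i++) {
        int p = 0, q = 0;
        for (int ab = 0; ab < 65536; ab++) {
            int c = fm_class((uint8_t)i, (uint8_t)(ab >> 8), (uint8_t)ab);
            p += c > 0; q += c < 0;
        }
        pos_frac[i] = p / 65536.0; neg_frac[i] = q / 65536.0;
    }
}

typedef struct { uint64_t n_pos, n_neg; double e_pos, e_neg; } fm_stat_t;

/* Count digraphs of ks[] in each class (i0 produced ks[0]) beside the uniform expectation. */
static fm_stat_t fm_scan(const uint8_t *ks, size_t len, uint8_t i0) {
    fm_stat_t s = {0, 0, 0.0, 0.0};
    for (size_t k = 0; k + 1 < len; k++) {
        uint8_t i = (uint8_t)(i0 + k);
        int c = fm_class(i, ks[k], ks[k + 1]);
        s.n_pos += c > 0; s.n_neg += c < 0;
        s.e_pos += pos_frac[i]; s.e_neg += neg_frac[i];
    }
    return s;
}

/* Newton square root so the example needs no libm; z = (observed - expected) / sigma. */
static double sqrt_d(double x) { double r = x > 1 ? x : 1; for (int k = 0; k < 80; k++) r = 0.5 * (r + x / r); return r; }
static double zscore(uint64_t n, double e) { return ((double)n - e) / sqrt_d(e); }

int main(int argc, char **argv) {
    size_t n = argc > 1 ? (size_t)strtoull(argv[1], NULL, 0) : (size_t)1 << 24;
    const uint8_t key[] = "RC4 digraph test";          /* constructed key */
    uint8_t *ks = malloc(n);
    if (!ks) return 1;
    fm_setup();
    uint8_t i0 = rc4_keystream(key, sizeof key - 1, 512, ks, n); /* RC4-drop[512] */
    fm_stat_t s = fm_scan(ks, n, i0);
    printf("n=%zu  pos %llu vs %.0f (z %+.2f)  neg %llu vs %.0f (z %+.2f)\n", n,
           (unsigned long long)s.n_pos, s.e_pos, zscore(s.n_pos, s.e_pos),
           (unsigned long long)s.n_neg, s.e_neg, zscore(s.n_neg, s.e_neg));
    free(ks); return 0;
}
```

At the default 2^24 bytes the z-scores are noise, which is the point: dropping 512 (or 3072) bytes first does nothing to these biases, but each class on its own only drifts about one sigma from zero around Crowley's 2^30 bytes (roughly a gigabyte of keystream, some seconds at -O2). The published distinguisher gets its advantage by combining every row of the table rather than one class at a time.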