Re: Limiting RC4 to "40 bit" strength
From: Roger Schlafly (rogersc1_at_mindspring.com)
Date: 05/19/04
- Next message: Roger Schlafly: "Re: Who owns MQV patent?"
- Previous message: Abraham Buckingham: "Re: Factorizaton idea, revisited"
- In reply to: David Wagner: "Re: Limiting RC4 to "40 bit" strength"
- Next in thread: Steven Hudson: "Re: Limiting RC4 to "40 bit" strength"
- Reply: Steven Hudson: "Re: Limiting RC4 to "40 bit" strength"
- Reply: David Wagner: "Re: Limiting RC4 to "40 bit" strength"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 18 May 2004 22:31:24 -0700
"David Wagner" <daw@taverner.cs.berkeley.edu> wrote
> If you're combining a password (key) + unique string (nonce)
> to form the key-input to RC4, you absolutely must hash them
> before feeding to RC4. Simple concatenation is a really bad
> idea, and RC4 is not secure when used with simple concatenation.
Why not? Do you have a reference for that?
- Next message: Roger Schlafly: "Re: Who owns MQV patent?"
- Previous message: Abraham Buckingham: "Re: Factorizaton idea, revisited"
- In reply to: David Wagner: "Re: Limiting RC4 to "40 bit" strength"
- Next in thread: Steven Hudson: "Re: Limiting RC4 to "40 bit" strength"
- Reply: Steven Hudson: "Re: Limiting RC4 to "40 bit" strength"
- Reply: David Wagner: "Re: Limiting RC4 to "40 bit" strength"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
