Re: RC4 on AMD64

From: Giorgio Tani (giorgio.tani_at_email.it)
Date: 11/08/04

  • Next message: Arnaud Carré: "Re: RC4 on AMD64"
    Date: 8 Nov 2004 02:10:31 -0800
    
    

    jsavard@excxn.aNOSPAMb.cdn.invalid (John Savard) wrote in message news:<418ec8ad.3331535@news.ecn.ab.ca>...
    > Ah, but AES has *NO* known security weaknesses, so it can be used with
    > complete confidence!
    You are right, AES "has *NO* known security weaknesses", but this is
    very different from having no security weaknesses at all.
    AES had a very good analysis and it is really a good thing to convince
    someone to trust it, but RC4 has been out in the wild since 1987, had a
    lot of analysis and still we cannot say we know all about it.
    I believe that until we can mathematically exclude that an algorithm
    has weaknesses (a shortcut to the solution shorter than a
    desired computing effort, in all cases or in some cases, depending
    on our needs...) we cannot say anything definitive about its
    security, but it's not easy to exclude further (near or far) analysis
    development.
    Maybe RC4 has the negative aspect of being very hard to analyze, and AES
    instead may be analyzed quickly and quickly proved to have "x" security,
    but that doesn't mean that RC4 is insecure; a known weakness that is
    avoided is no longer a security fault (the statistical output bias,
    instead, cannot be avoided, AFAIK).

    Moreover, usually the algorithm is by far the most secure portion of the
    cryptosystem, so IF (note that's only a silly example) RC4 requires x
    effort to be broken, AES requires 2x effort and a state-of-the-art
    implementation of both cryptosystems, through intrusion, tampering etc.,
    requires x/100 effort, we must say that practically they are broken
    with x/100 effort! (That however doesn't justify using known broken
    algorithms or faulty implementations of the algorithms!)
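The post distinguishes a known RC4 weakness that can be avoided (the early keystream bytes) from a statistical output bias. The script below is an added illustration, not code from the original thread: it implements plain RC4 and measures, over many random 16-byte keys, how often the second emitted byte is 0x00. Under a uniform keystream that rate would be about 1/256; the well-known Mantin-Shamir result is that it is close to 1/128. The `drop` parameter models the common mitigation of discarding the first N keystream bytes, and the same measurement after dropping 256 bytes comes back near the uniform baseline. Function names, the trial count and the fixed seed are choices made here for the example.

```python
"""Added example: measure RC4's second-byte bias and the effect of
discarding the start of the keystream. Not part of the original post."""
import random


def rc4_keystream(key: bytes, nbytes: int, drop: int = 0) -> bytes:
    """Return `nbytes` of RC4 keystream for `key`, after skipping `drop` bytes."""
    # Key-scheduling algorithm (KSA): permute S under the key.
    S = list(range(256))
    j = 0
    klen = len(key)
    for i in range(256):
        j = (j + S[i] + key[i % klen]) & 0xFF
        S[i], S[j] = S[j], S[i]

    # Pseudo-random generation algorithm (PRGA): emit keystream bytes.
    i = j = 0
    out = bytearray()
    for n in range(drop + nbytes):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        if n >= drop:                      # discard the first `drop` outputs
            out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def zero_rate_at_second_byte(trials: int, drop: int = 0, seed: int = 1) -> float:
    """Fraction of random keys whose second emitted byte (after `drop`) is 0x00.

    Keys are constructed from a seeded PRNG so the measurement is repeatable.
    """
    rng = random.Random(seed)
    zeros = 0
    for _ in range(trials):
        key = rng.getrandbits(128).to_bytes(16, "big")   # constructed 16-byte key
        if rc4_keystream(key, 2, drop=drop)[1] == 0:
            zeros += 1
    return zeros / trials


def main() -> None:
    trials = 20000
    baseline = 1 / 256
    plain = zero_rate_at_second_byte(trials)
    dropped = zero_rate_at_second_byte(trials, drop=256)
    print(f"uniform baseline        : {baseline:.5f}")
    print(f"P(2nd byte == 0)        : {plain:.5f}  (~2x baseline expected)")
    print(f"same after dropping 256 : {dropped:.5f}  (~baseline expected)")


if __name__ == "__main__":
    main()
```

The first figure reproduces the bias the post refers to; the second shows why dropping an initial prefix of keystream is the usual way of sidestepping that particular weakness. Subtler long-term biases in the RC4 keystream are a separate matter and are not measured here.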

