Re: RC4 on AMD64

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 11/09/04

• Next message: Guy Macon: "Re: RC4 on AMD64"
• Previous message: Mxsmanic: "How fast computers have made ciphers unbreakable"
• In reply to: Joe Peschel: "Re: RC4 on AMD64"
• Next in thread: Joe Peschel: "Re: RC4 on AMD64"
• Reply: Joe Peschel: "Re: RC4 on AMD64"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 9 Nov 2004 05:59:41 GMT

Joe Peschel <jpeschel@no.spam.org> writes:

]Guy Macon <http://www.guymacon.com> wrote in
]news:10ovm8ktkqhu701@corp.supernews.com:

]>
]> Joe Peschel wrote:
]>
]>>No, we weren't. You said, "I haven't seen anyone demonstrate
]>>the ability to decrypt RC4-encrypted ciphertexts." I told you
]>>how to do it.
]>
]> Then AES is insecure. Try sending your key in the clear along with
]> your ciphertext. There. I just demonstrated the ability to decrypt
]> AES-encrypted ciphertexts.

]I haven't said RC4 was not secure. And you haven't demonstrated anything
]other than you don't understand this attack on RC4. Encrypting a message
]twice under the same RC4 key is not the same as sending the key with the
]ciphertext.

]>
]> Now let's leave this imaginary world where RC4 keys are reused

]Reusing an RC4 key happens in the real world.

Sending the key with the message happens in the real world as well.
Both are mistakes.

]> and AES keys are sent with the ciphertext, and talk about what
]> happens in the real world. You say that RC4 is insecure and
]> that you can demonstrate the ability to decrypt RC4-encrypted
]> ciphertexts? Show us by decrypting a SSL session that uses
]> 128-bit RC4.

]What do mean "us"?

]I can't decrypt an SSL session that uses 128-bit RC4. Never said I could. I
]did show you how to decrypt some documents encrypted by RC4. At least, now
]you understand why your original challenge was poorly thought out.

And he showed you how to decrypt some documents encrypted with AES.

---

• Next message: Guy Macon: "Re: RC4 on AMD64"
• Previous message: Mxsmanic: "How fast computers have made ciphers unbreakable"
• In reply to: Joe Peschel: "Re: RC4 on AMD64"
• Next in thread: Joe Peschel: "Re: RC4 on AMD64"
• Reply: Joe Peschel: "Re: RC4 on AMD64"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Designing a secure message format ... which would be used to decrypt a message header, ... additional information needed to decrypt the body of the message. ... RC4 is very easy to program, ... Given that you will have 3DES and/or AES available, ... (sci.crypt) RC4 Drop ... I found a thread archived on Google regarding RC4 byte dropping vs key ... wouldn't decrypt. ... I duplicated the encryption/decryption loop. ... In the second copy I run it as normal (reading PT/CT and producing output). ... (sci.crypt) Re: RC4 on AMD64 ... > Then AES is insecure. ... > your ciphertext. ... I haven't said RC4 was not secure. ... > that you can demonstrate the ability to decrypt RC4-encrypted ... (sci.crypt) Re: Specific encryption ... This HMAC is something like CRC? ... the MAC and if it is wrong you don't decrypt. ... altered ciphertexts? ... (sci.crypt) Re: Bijective - an explanation please? ... I can just reject any key the decrypt the ciphertext to something ... The attack *I* will use is one that rejects all keys ... Note that my attack succeeds much more often than it fails. ... I have 4 ciphertexts available. ... (sci.crypt)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > sci.crypt  > 2004-11