Re: RC4 on AMD64

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 11/09/04


Date: 9 Nov 2004 05:59:41 GMT

Joe Peschel <jpeschel@no.spam.org> writes:

]Guy Macon <http://www.guymacon.com> wrote in
]news:10ovm8ktkqhu701@corp.supernews.com:

]>
]> Joe Peschel wrote:
]>
]>>No, we weren't. You said, "I haven't seen anyone demonstrate
]>>the ability to decrypt RC4-encrypted ciphertexts." I told you
]>>how to do it.
]>
]> Then AES is insecure. Try sending your key in the clear along with
]> your ciphertext. There. I just demonstrated the ability to decrypt
]> AES-encrypted ciphertexts.

]I haven't said RC4 was not secure. And you haven't demonstrated anything
]other than you don't understand this attack on RC4. Encrypting a message
]twice under the same RC4 key is not the same as sending the key with the
]ciphertext.

]>
]> Now let's leave this imaginary world where RC4 keys are reused

]Reusing an RC4 key happens in the real world.

Sending the key with the message happens in the real world as well.
Both are mistakes.

]> and AES keys are sent with the ciphertext, and talk about what
]> happens in the real world. You say that RC4 is insecure and
]> that you can demonstrate the ability to decrypt RC4-encrypted
]> ciphertexts? Show us by decrypting a SSL session that uses
]> 128-bit RC4.

]What do mean "us"?

]I can't decrypt an SSL session that uses 128-bit RC4. Never said I could. I
]did show you how to decrypt some documents encrypted by RC4. At least, now
]you understand why your original challenge was poorly thought out.

And he showed you how to decrypt some documents encrypted with AES.