Re: Some application, with sources
From: giorgio.tani (giorgio.tani_at_email.it)
Date: 07/12/05
- Previous message: Grumble: "Re: Some application, with sources"
- In reply to: Grumble: "Re: Some application, with sources"
- Next in thread: giorgio.tani: "Re: Some application, with sources"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 12 Jul 2005 08:57:56 -0700
"RC4 falls short of the standards set by cryptographers for a secure
cipher in several ways, and thus is not recommended for use in new
applications."
I know.
The presence of a distinguisher from random is generally quite accepted
to be symptom of presence of possible attaks, altough that symptom
alone can't say if those attacks are practical or theorical.
Really, implementing various hardening that are quite well studied and
described in literature, after many years, we have no definitive
practical attack on RC4, however I agree that such a suspect (as casted
by the presence of a distinguisher) is enough to don't recommend RC4 in
new applications.
The application comes from a previous work, Kyu, that was meant to be a
framework for experimenting combinations of stream cyphers (how them
cover biases, how them can influence other s-boxes if some mode of
feedback is implemented, etc) and the derivation "Crypto Tools" only
intended to offer the plain, old (but to be fair not known to be
practically broken) RC4 with all described hardening implemented.
At least see it like a tribute to a little tool that I liked very much
that is CipherSaber, since the application can be used in strictly
CipherSaber compatible mode, to encrypt and decrypt file from a GUI
interoperating with any other CipherSaber implementation.
- Previous message: Grumble: "Re: Some application, with sources"
- In reply to: Grumble: "Re: Some application, with sources"
- Next in thread: giorgio.tani: "Re: Some application, with sources"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
