Re: Is YellowCrypt OK?

From: Gregory G Rose (ggr_at_qualcomm.com)
Date: 07/13/05


Date: 13 Jul 2005 09:25:52 -0700

In article <1121233872.136507.74130@o13g2000cwo.googlegroups.com>,
simon <ablv-ccop@spamex.com> wrote:
[snip]
>Well, actually, what you have looked at is the original RC4 algorithm
>as recommended in the mini-FAQ of this forum. The only augmentation is
>the extra number of loops to set up the initial vector. This is a
>solution put forward by the original author, although in RC5 a
>different method was used.

If, by "original author", you are referring to Ron
Rivest, that's not what he originally recommended;
he recommended using MD5 to hash the key and IV,
and using the output to key RC4. Running extra
loops to water down the correlation between the
key and the first few output bytes was a
suggestion by many other people.

>You have just damned the sci.crypt recommendation of the proven public
>domain standard algorithm RC4!

Indeed, in this group, RC4 is no longer considered
adequately secure.

>RC4 is a very well-known and quite reputable stream cipher. RC4 is also
>recommended by this very forum. Actually RC4 has become quite popular
>over the last few years. It is used in cellular phones.

No, RC4 is not used by the cellular system. If it
exists in cellphones, it is for backward
compatibility with SSL, that is, application level
code. Perhaps you're thinking of (broken) 802.11
WEP, or the interim WPA that patched around its
weaknesses.

Greg.

-- 
Greg Rose
232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C
Qualcomm Australia: http://www.qualcomm.com.au
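
The two keying approaches contrasted in the reply above, as an added example that is not part of the original post: it measures one known key/first-byte correlation in plain RC4 (Roos's observation that when K[0]+K[1] ≡ 0 mod 256 the first output byte is often K[2]+3) and shows that it disappears under either approach. Assumptions of this example: the function names, the key||IV concatenation order for the MD5 variant, modelling "extra loops" as discarding the first 768 output bytes, and the constructed random keys.

```python
import hashlib
import random

def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """Return n RC4 keystream bytes, after discarding the first `drop` bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm (KSA)
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(drop + n):                 # output generation (PRGA)
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out[drop:])

def md5_keyed(key: bytes, iv: bytes) -> bytes:
    """Hash key and IV with MD5; the digest becomes the RC4 key.
    The key||IV order is an assumption of this example."""
    return hashlib.md5(key + iv).digest()

def first_byte_hit_rate(mode: str, trials: int = 2000, seed: int = 1) -> float:
    """Fraction of keys with K[0]+K[1] == 0 (mod 256) whose first emitted
    byte equals K[2]+3. An unbiased generator would give about 1/256."""
    rng = random.Random(seed)                 # constructed sample keys, fixed seed
    hits = 0
    for _ in range(trials):
        k = bytearray(rng.getrandbits(8) for _ in range(16))
        k[1] = (-k[0]) & 0xFF                 # force K[0] + K[1] == 0 mod 256
        key = bytes(k)
        if mode == "plain":                   # key used directly, nothing dropped
            z = rc4_keystream(key, 1)
        elif mode == "drop":                  # discard 768 bytes (assumed count)
            z = rc4_keystream(key, 1, drop=768)
        else:                                 # "md5": hash key and IV first
            z = rc4_keystream(md5_keyed(key, b"constructed-iv"), 1)
        hits += z[0] == ((key[2] + 3) & 0xFF)
    return hits / trials

if __name__ == "__main__":
    for mode in ("plain", "drop", "md5"):
        print(mode, first_byte_hit_rate(mode))
```

Neither variant addresses the longer-range statistical biases in RC4 output, which is consistent with the reply's point that RC4 is no longer considered adequately secure.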

