Re: Is YellowCrypt OK?
From: Gregory G Rose (ggr_at_qualcomm.com)
Date: 13 Jul 2005 09:25:52 -0700
In article <email@example.com>,
simon <firstname.lastname@example.org> wrote:
>Well, actually, what you have looked at is the original RC4 algorithm
>as recommended in the mini-FAQ of this forum. The only augmentation is
>the extra number of loops to set up the initial vector. This is a
>solution put forward by the original author, although in RC5 a
>different method was used.
If, by "original author", you are referring to Ron
Rivest, that's not what he originally recommended;
he recommended using MD5 to hash the key and IV,
and using the output to key RC4. Running extra
loops to water down the correlation between the
key and the first few output bytes was a
suggestion by many other people.
>You have just damned the sci.crypt recommendation of the proven public
>domain standard algorithm RC4!
Indeed, in this group, RC4 is no longer considered
>RC4 is a very well-known and quite reputable stream cipher. RC4 is also
>recommended by this very forum. Actually RC4 has become quite popular
>over the last few years. It is used in cellular phones.
No, RC4 is not used by the cellular system. If it
exists in cellphones, it is for backward
compatibility with SSL, that is, application level
code. Perhaps you're thinking of (broken) 802.11
WEP, or the interim WPA that patched around its
-- Greg Rose 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C Qualcomm Australia: http://www.qualcomm.com.au