Re: Another Dumb Idea for Debunking...


Bill Cox wrote:

By applying [RC4] twice, it's no longer a stream cipher.

Yes it is!

The first encryption is with a random
256-byte key, which is pre-pended to the data for the second pass.

This achieves nothing. Kirchoff's(sp?) Principle means the attacker
knows that you have done this. It adds nothing to the securty of the
final result.

This doubles the run-time, but hopefully gets around the issue of using
unique keys each time.

No it doesn't. You still must not re-use the "outer" key. If you don't
understand this, you should not try using a stream cipher (yours or
anyone else's) until you've done some more research!

HTH,
TC (MVP MSAccess)
http://tc2.atspace.com

.