Re: Conficker C and Ron Rivest



ggr@xxxxxxxxxxxxx (Greg Rose) writes:

In article <tGvxl.19085$PH1.296@edtnps82>,
Unruh <unruh-spam@xxxxxxxxxxxxxx> wrote:
Is RC4 more or less secure than AES? I doubt that any reputable
cryptographer would make a pronouncement.

I don't know if I count as reputable, but I would
certainly make the pronouncement that RC4 is
currently thought to be much weaker than AES. RC4
has distinguishers at about 2^32 bytes of output,
whereas AES has no known weaknesses worse than
generic attacks.

Much weaker? On what basis?
Distingushers do not imply attacks. They may make you worry. AES has
complexity and slow speed, which means it will not be used when it should
be, and thus the security is be 0. Security is NOT just a matter of
technical features, but the whole security apparatus, including the user.
Now you are still going to say that RC4 is less secure than AES?
Your comments sound like "That ford has a chip in the paint while that
chevy does not, and thus the chevy is a better car."


Greg.
--
Greg Rose
232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C
Qualcomm Australia: http://www.qualcomm.com.au
.



Relevant Pages

  • Re: Conficker C and Ron Rivest
    ... certainly make the pronouncement that RC4 is ... currently thought to be much weaker than AES. ... has distinguishers at about 2^32 bytes of output, ...
    (sci.crypt)
  • Re: Conficker C and Ron Rivest
    ... An attack is the ability to get cleartext from encrypted text without ... If a cipher is designed to have no distinguishers, ... I know with aes that there are only ... If you are going to argue that RC4 having a distinguisher makes it ...
    (sci.crypt)
  • Re: RC4, With Homebrew MAC...
    ... Though MD5 and SHA-1 would be faster than AES I think AES in CTR ... RC4 is shown to be very fast here because the machine I ran this on ... > your software discard some of the first outputs of the stream. ... > About your MAC, literature says that is not easy to get a good MAC ...
    (sci.crypt)
  • Re: Generate a one-time pad from say a 256bit key?
    ... a laptop with a 160GB hard drive. ... consider RC4 insecure because of it? ... As you point out, AES, the suggested alternative, is slow. ... are going to go to war based on whether or not the contents are Persian or ...
    (sci.crypt)
  • Re: Randomness: All youll ever need to know
    ... the set of all permutations on n symbols. ... terms of distinguishers. ... (uniform probability), keep it secret, and program it into a black box. ... that AES is secure, iff the adversary has no feasible means of telling ...
    (sci.crypt)