Re: Conficker C and Ron Rivest
- From: Maaartin <grajcar1@xxxxxxxxx>
- Date: Tue, 24 Mar 2009 18:26:25 -0700 (PDT)
To Scott Fluhrer:
Thank you.
On the other hand, if you rekey every two bytes, then you will have
digraphs, and so the distinguisher will be able to work just fine (actually,
it might work even better...
That's funny. I see, rekeying very often is neither practical nor
helpful.
To Guy Macon:
What's interesting about the above idea is that, from a standpoint
I'm quite sure, what you describe wasn't Unruh's idea. IMHO he said
the following:
1. There's a small bias in RC4
2. Let the bias be - for example - FF occuring too often.
3. Compensate for it by dropping each n-th occurence of FF so that
it's probability is the same as the probability of any other output
byte.
According to Scott Fluhrer the bias is in the distibution of digraphs,
but it makes the compensation just slightly more complicated. I wonder
whether this process introduces other problems.
.
- References:
- Conficker C and Ron Rivest
- From: Timoleon
- Re: Conficker C and Ron Rivest
- From: Guy Macon
- Re: Conficker C and Ron Rivest
- From: Paul Rubin
- Re: Conficker C and Ron Rivest
- From: Maaartin
- Re: Conficker C and Ron Rivest
- From: Scott Fluhrer
- Re: Conficker C and Ron Rivest
- From: Unruh
- Re: Conficker C and Ron Rivest
- From: Guy Macon
- Conficker C and Ron Rivest
- Prev by Date: Re: Best Way To Randomize/Salt A Text String Before SHA256?
- Next by Date: Re: Conficker C and Ron Rivest
- Previous by thread: Re: Conficker C and Ron Rivest
- Next by thread: Re: Conficker C and Ron Rivest
- Index(es):
