-----BEGIN PGP SIGNED MESSAGE-----

Date: Thu, 17 Aug 1995 08:32:56 -0400 From: "Perry E. Metzger" <perry@piermont.com> Subject: Re: SSL challenge -- broken !

It has occured to me that, because the RC4 key crackers spend most of their time in key setup, you can crack N SSL sessions that you captured in not substantially more time than it took to crack 1. This is analagous to the way brute force Unix password file hacking operates.

This would work with straight 40-bit keys, but I believe SSL uses 128-bit keys, and then intentionally leaks 88 bits to comply with export requirements, to prevent this kind of attack from working.

Perry

--John Kelsey, jmkelsey@delphi.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMDVGXUHx57Ag8goBAQFyUQP7B7fhKc8AqpcHnQ09ip5gOfy5QMCtGImB f1Y9lZtAmLFwOIkrfdaL2vCWJKIKc7yg8+FwtmX6Q8yYWH4TdE5eWOGIKSfl5Q8f etVgF2B49T5Lxxb02ah5cHfO8baOqQOTMkvzQ9bj0XVqAItPoPjDTCOAAegwKZ3V 6L+kZQn89lY= =KkAX -----END PGP SIGNATURE-----