Well, I seem to be falling into the role of spokesperson for RSA on the net. It gives me something to do other than design reviews and programming. Here is our response to the excellent work that Andrew Roos has been doing on RC4. I am glad that people are looking at RC4 critically. --Bob ----------------------------- September 29, 1995 statement from RSADSI RSA Data Security Inc. has been following the emerging reports of a weakness in certain keys for the RC4 cipher. RSADSI's researchers have been aware of this particular property of the RC4 cipher for over a year. Most ciphers have a property whereby an enormous amount of known plaintext will provide a slight reduction in exhaustive key searching. The linear cryptanalysis of the DES cipher is an well known example of this. Limitations like this in the underlying ciphers are addressed by following sound advice on the design of the overall cryptographic system. Products that include RC4 from RSADSI are not compromised by this attack. Companies that license the BSafe cryptography toolkit have always been given advice that overcomes this limitation of the RC4 cipher, and this is true even for products that were built >before< this specific problem was discovered by the researchers at RSADSI. These researchers also monitor all developments in the field of cryptography and cryptanalysis so they can keep RSADSI's customers appraised relevant developments.