Re: 64 bit crypto
John A. Limpert says:
> Why would the attacker need to run the key setup 65536 times?

I could have been more clear. Forgive a little bit of code... Here is the
beginning of the alleged RC4:

    for(counter = 0; counter < 256; counter++)
        state[counter] = counter;
    index2 = 0;
    key->x = key->y = index1 = index2 = 0;
    for(counter = 0; counter < 256; counter++) {
        index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
        swap_byte(&state[counter], &state[index2]);
        index1 = (index1 + 1) % key_data_len;
    }

If it was changed to

    for(counter = 0; counter < 256; counter++)
        state[counter] = counter;
    key->x = key->y = index1 = index2 = 0;
    for(i = 0; i < 65536) {     /* stir the pot a long time */
        for(counter = 0; counter < 256; counter++) {
            index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
            swap_byte(&state[counter], &state[index2]);
            index1 = (index1 + 1) % key_data_len;
        }
    }

Then the prepare_key routine would take much much longer. The idea is that a
64 bit crypto routine can be arbitrarily secure against brute-forcing, if you
are willing to pay a runtime penalty every time you use it.

thad
-- 
Thaddeus Beier                 email: thad@hammerhead.com
Technology Development         vox:   408) 286-3376
Hammerhead Productions         fax:   408) 292-8624
On Sun, 10 Sep 1995, Thaddeus J. Beier wrote:
> Forgive a little bit of code...
Hey. It's C. That's what this mailing list is about, right? ;-)
>     for(i = 0; i < 65536) {     /* stir the pot a long time */

    for (i = 0; i < 65536; i++) {     /* stir the pot a long time */

Otherwise the loop will run a *long* time. Like infinity. :-)

-- 
Michael Handler <grendel@netaxs.com>          Philadelphia, PA
Cypherpunks: Civil Liberty Through Complex Mathematics
better living through cryptography
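The following is an added example written for this page, not code posted by either participant. It puts Thaddeus's idea and Michael's loop fix into one compilable unit: an RC4 key schedule with a `rounds` parameter, where `rounds == 1` is ordinary RC4 and `rounds == 65536` is the "stir the pot a long time" version. As in the posted snippet, `index1` and `index2` are zeroed once and carry over between rounds. The names `prepare_key_stretched`, `rc4_keystream` and `rc4_stretched_keystream` are this example's own; the test vector (key "Key", keystream starting EB 9F 77 81 B7 34 CA 72 A7 19) is the standard published RC4 vector and is how you check that the single-round path is still plain RC4.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Added example, not the thread's own code. Same layout as the posted
 * "alleged RC4" key struct: a 256-byte permutation plus the two PRGA indices. */
typedef struct {
    uint8_t state[256];
    uint8_t x, y;
} rc4_key;

/* Key schedule with a stretch factor. With rounds == 1 this is the ordinary
 * RC4 key setup. index1/index2 are zeroed once, before the outer loop, and
 * carry over between rounds, mirroring the posted snippet. The r++ is the
 * fix Michael pointed out: without it the outer loop never terminates. */
void prepare_key_stretched(const uint8_t *key, size_t keylen,
                           unsigned long rounds, rc4_key *k)
{
    unsigned index1 = 0, index2 = 0;
    unsigned long r;
    int c;

    for (c = 0; c < 256; c++)
        k->state[c] = (uint8_t)c;
    k->x = k->y = 0;

    for (r = 0; r < rounds; r++) {           /* stir the pot `rounds` times */
        for (c = 0; c < 256; c++) {
            uint8_t t;
            index2 = (key[index1] + k->state[c] + index2) & 0xff;   /* % 256 */
            t = k->state[c];                                          /* swap_byte */
            k->state[c] = k->state[index2];
            k->state[index2] = t;
            index1 = (index1 + 1) % keylen;
        }
    }
}

/* Standard RC4 keystream generator; stretching changes nothing here. */
void rc4_keystream(rc4_key *k, uint8_t *out, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) {
        uint8_t t;
        k->x = (uint8_t)(k->x + 1);
        k->y = (uint8_t)(k->y + k->state[k->x]);
        t = k->state[k->x];
        k->state[k->x] = k->state[k->y];
        k->state[k->y] = t;
        out[i] = k->state[(uint8_t)(k->state[k->x] + k->state[k->y])];
    }
}

/* Convenience wrapper: first n keystream bytes for a NUL-terminated key. */
void rc4_stretched_keystream(const char *key, unsigned long rounds,
                             uint8_t *out, size_t n)
{
    rc4_key k;
    prepare_key_stretched((const uint8_t *)key, strlen(key), rounds, &k);
    rc4_keystream(&k, out, n);
}

int main(void)
{
    uint8_t ks[10];
    size_t i;
    unsigned long rounds[] = { 1, 65536 };
    int j;

    for (j = 0; j < 2; j++) {
        rc4_stretched_keystream("Key", rounds[j], ks, sizeof ks);
        printf("rounds=%lu keystream:", rounds[j]);
        for (i = 0; i < sizeof ks; i++)
            printf(" %02X", ks[i]);
        printf("\n");
    }
    return 0;
}
```

With `rounds == 1` the first keystream bytes for the key "Key" must come out as EB 9F 77 81 B7 34 CA 72 A7 19; if they do not, the swap or index arithmetic has drifted from RC4. Every added round multiplies the cost of one key-schedule run, and therefore of one brute-force guess, by the same factor, which is exactly the trade Thaddeus describes: the legitimate user pays the 65536x penalty once per key setup, the attacker pays it once per candidate key. Note that the stretched schedule still consumes only the original key material, so the key space itself does not grow; the multiplier slows the search rather than enlarging it.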
participants (2)
- Michael Handler
- thad@hammerhead.com