I claimed that RC2 and RC4 were derived in a process that involved NSA asking that it be weakened in various ways. This was a deduction based on some apparently false information of mine. Ron has set me straight. Please forget what I told you about RC2 and RC4...mea culpa. John ------- Forwarded Message From: rivest@theory.lcs.mit.edu (Ron Rivest) Date: Fri, 10 Sep 93 16:52:35 EDT Message-Id: <199309102052.AA02268@swan.lcs.mit.edu> To: gnu@toad.com Subject: Crack DES in 3.5 hours for only $1,500,000! Hi John -- Glad to see you're high-lighting Wiener's work; I think it is very important that people see it... Re RC2 and RC4: NSA had absolutely no influence on the design of either algorithm; they are entirely of my own creation. I'll take the credit for their strengths, or the blame for their faults. Please take the trouble to correct any misimpressions you may have given people. (I don't know who you sent your mail to...) I have no information on what sort of brute-force attack machines NSA has in its basement, but it is certainly the case that, as I said before, nothing in either design was affected by NSA or its capabilities. These algorithms are designed to be very good algorithms, but with a variable key-size, so that you could try to get out of NSA the biggest key size you could for export. I really don't like your spreading false information about my work, and wish you would take the simple step of talking to me first; I'll be happy to talk to you. (Feel free to repost this, in its entirety...) Cheers, Ron Rivest ------- End of Forwarded Message