More 40-bit RC4 nonsense
Ian Farquhar
ianf at sydney.sgi.com
Tue Dec 13 15:50:06 PST 1994
On Dec 13, 2:59pm, Michael Johnson wrote:
> Why did the NSA require that an application using the Sapphire Stream Cipher
> be limited to a _32-bit_ session key instead of the well-known _40-bit_
> limit for RC4? I wonder if there are other key bit leaks that cover the
other
> 60%?
It could also be because they've made an investment in custom hardware
to "crack" RC4 by justifying it in terms of the volume which will result
from the special export status, whereas the volume of sapphire use they are
expecting is lower and so they'll be using off-the-shelf systems to
decrypt any streams seen from it.
Ian.
More information about the cypherpunks-legacy
mailing list