Backward compatibility bites again (like RC4 in WPA2)
coderman
coderman at gmail.com
Tue Mar 3 13:48:28 PST 2015
On 2/4/15, coderman <coderman at gmail.com> wrote:
> ...
> 2015, RC4 still in WPA2, WPA2 still in everything, ... [0].
not RC4 specifically, but EXP-RC4-MD5 is the avenue:
"The export-grade RSA ciphers are the remains of a 1980s-vintage
effort to weaken cryptography so that intelligence agencies would be
able to monitor. This was done badly. So badly, that while the
policies were ultimately scrapped, they’re still hurting us today."
- http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html
RC4, still hurting us today, too!
More information about the cypherpunks
mailing list