Backward compatibility bites again (like RC4 in WPA2), "Cryptanalysis has been seen of RC4"

coderman coderman at
Sat May 2 22:46:46 PDT 2015

On 3/3/15, coderman <coderman at> wrote:
> ...
>> 2015, RC4 still in WPA2, WPA2 still in everything, ...

regarding Snowden in Princeton,

"There’s no evidence of a “wow” cryptanalysis; it was key theft, or an
implant, or a predicted RNG or supply-chain interference.
_Cryptanalysis has been seen of RC4_, but not of elliptic curve
crypto, and there’s no sign of exploits against other commonly used

RC4 still in WPA2 (targeted attack) allowing decryption of collected
signals. this is why VPN is necessary over WiFi networks regardless of
WPA2 security settings in the Tor router requirements.

best regards,

More information about the cypherpunks mailing list