thoughts on RC4
Perry E. Metzger
perry at imsi.com
Thu Sep 15 15:50:59 PDT 1994
Mike Johnson second login says:
> Don't forget the precomputation attack. The key setup only has to be done
> 2^40 times, ever. The initial state of the stream cipher can be stored on
> a set of tapes that are read in parallel to perform the brute force
> attack.
You may be interested to know that the SPA/NSA agreement covered this;
you are allowed to use a 40 bit "salt" thats appended to the key when
you use RC4 in an exported application provided the salt is sent along
with the message.
.pm
More information about the Testlist
mailing list