From: “Perry E. Metzger” <perry@imsi.com>
To: Mike Johnson second login <exabyte!gedora!mikej2@uunet.uu.net>
Message Hash: a5aecfbc5c040c9ee29f61ea072fba0bffd496fbc7393d1694ae3a6737f9c9d1
Message ID: <9409152250.AA05600@snark.imsi.com>
Reply To: <Pine.3.89.9409151639.A26111-0100000@gedora>
UTC Datetime: 1994-09-15 22:50:59 UTC
Raw Date: Thu, 15 Sep 94 15:50:59 PDT
Subject: Re: thoughts on RC4
Mike Johnson second login says:
> Don't forget the precomputation attack. The key setup only has to be done
> 2^40 times, ever. The initial state of the stream cipher can be stored on
> a set of tapes that are read in parallel to perform the brute force
> attack.
You may be interested to know that the SPA/NSA agreement covered this;
you are allowed to use a 40 bit "salt" that's appended to the key when
you use RC4 in an exported application provided the salt is sent along
with the message.
.pm
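
The salting scheme described in this message, as an added example that is not part of the original post: a 40-bit secret with a 40-bit salt appended forms the RC4 key, so the key setup state differs per message and cannot be computed once and stored, while the secret part is still only 40 bits. The function names, the salt-then-ciphertext layout and the use of `os.urandom` for the salt are assumptions made for this sketch.

```python
import os

SALT_LEN = 5  # 40-bit salt, sent in the clear with each message


def rc4_ksa(key):
    """RC4 key setup: the 256-byte initial state determined by `key`."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s


def rc4_crypt(key, data):
    """Key setup followed by keystream XOR (encrypt and decrypt are identical)."""
    s, i, j, out = rc4_ksa(key), 0, 0, bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def seal(secret40, plaintext, salt=None):
    """Encrypt under secret||salt. Assumed wire layout: salt, then ciphertext."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    if len(secret40) != 5 or len(salt) != SALT_LEN:
        raise ValueError("expected a 40-bit secret and a 40-bit salt")
    return salt + rc4_crypt(secret40 + salt, plaintext)


def unseal(secret40, message):
    """Recover the salt from the message and rebuild the 80-bit RC4 key."""
    salt, body = message[:SALT_LEN], message[SALT_LEN:]
    return rc4_crypt(secret40 + salt, body)


if __name__ == "__main__":
    secret = bytes.fromhex("0102030405")  # constructed sample key
    m1, m2 = seal(secret, b"same text"), seal(secret, b"same text")
    # Same secret, fresh salts: different initial states, different ciphertexts.
    print(rc4_ksa(secret + m1[:5]) != rc4_ksa(secret + m2[:5]), m1.hex(), m2.hex())
    # Without a salt the state is a fixed function of the 40 secret bits.
    print(rc4_ksa(secret) == rc4_ksa(secret))
    print(unseal(secret, m1))
```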