1994-12-13 - Re: More 40-bit RC4 nonsense

Header Data

From: “Ian Farquhar” <ianf@sydney.sgi.com>
To: cypherpunks@toad.com
Message Hash: 06a372e204f30775c9efc46cb555b9a395966cc1a01d74d00eb9ca53acbb61f5
Message ID: <9412141041.ZM15859@wiley.sydney.sgi.com>
Reply To: <199412131742.JAA27330@netcom5.netcom.com>
UTC Datetime: 1994-12-13 23:50:06 UTC
Raw Date: Tue, 13 Dec 94 15:50:06 PST

Raw message

From: "Ian Farquhar" <ianf@sydney.sgi.com>
Date: Tue, 13 Dec 94 15:50:06 PST
To: cypherpunks@toad.com
Subject: Re: More 40-bit RC4 nonsense
In-Reply-To: <199412131742.JAA27330@netcom5.netcom.com>
Message-ID: <9412141041.ZM15859@wiley.sydney.sgi.com>
MIME-Version: 1.0
Content-Type: text/plain


On Dec 13,  2:59pm, Michael Johnson wrote:
> Why did the NSA require that an application using the Sapphire Stream Cipher
> be limited to a _32-bit_ session key instead of the well-known _40-bit_
> limit for RC4?  I wonder if there are other key bit leaks that cover the
other
> 60%?

It could also be because they've made an investment in custom hardware
to "crack" RC4 by justifying it in terms of the volume which will result
from the special export status, whereas the volume of sapphire use they are
expecting is lower and so they'll be using off-the-shelf systems to
decrypt any streams seen from it.

							Ian.






Thread