From: fc@all.net (Dr. Frederick B. Cohen)
To: cypherpunks@toad.com
Message Hash: 23c897646f6576b0eaf9fd820f26a3cf4f683ac418867ff8534057637d40dff1
Message ID: <9508171639.AA22016@all.net>
Reply To: N/A
UTC Datetime: 1995-08-17 16:40:53 UTC
Raw Date: Thu, 17 Aug 95 09:40:53 PDT
From: fc@all.net (Dr. Frederick B. Cohen)
Date: Thu, 17 Aug 95 09:40:53 PDT
To: cypherpunks@toad.com
Subject: Breaking RC4-40 for less
Message-ID: <9508171639.AA22016@all.net>
MIME-Version: 1.0
Content-Type: text
Since messages sent with netscape are fairly standard for the first so
many bytes, why not make a 2^30 element table, store it on a few
gigabytes of disk space, use a hash table on the message, and find the
keys to one in every 1,000 messages about 1 time per second. If this
code is being used to send millions of credit transactions per day, we
should be able decode thousands of credit card numbers per day for a
one-time cost of about $5,00.
The $10,000 estimate of the cost of computing time is far too high
for a production-based attack on the netscape codes.
--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
Return to August 1995
Return to “fc@all.net (Dr. Frederick B. Cohen)”
1995-08-17 (Thu, 17 Aug 95 09:40:53 PDT) - Breaking RC4-40 for less - fc@all.net (Dr. Frederick B. Cohen)