From: JMKELSEY@delphi.com
To: cypherpunks@toad.com
Message Hash: e43e97a55ffcfbb9ce62e0874df04d99c1fee7e5dc301c46030a6da48c668ae3
Message ID: <01HU8H23AHQQ8ZJ4DW@delphi.com>
Reply To: N/A
UTC Datetime: 1995-08-19 02:42:20 UTC
Raw Date: Fri, 18 Aug 95 19:42:20 PDT
From: JMKELSEY@delphi.com
Date: Fri, 18 Aug 95 19:42:20 PDT
To: cypherpunks@toad.com
Subject: Time-memory tradeoff in SSL's RC4 code?
Message-ID: <01HU8H23AHQQ8ZJ4DW@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
>Date: Thu, 17 Aug 1995 08:32:56 -0400
>From: "Perry E. Metzger" <perry@piermont.com>
>Subject: Re: SSL challenge -- broken !
>It has occured to me that, because the RC4 key crackers spend most of
>their time in key setup, you can crack N SSL sessions that you
>captured in not substantially more time than it took to crack 1. This
>is analagous to the way brute force Unix password file hacking operates.
This would work with straight 40-bit keys, but I believe SSL uses
128-bit keys, and then intentionally leaks 88 bits to comply with
export requirements, to prevent this kind of attack from working.
>Perry
--John Kelsey, jmkelsey@delphi.com
PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMDVGXUHx57Ag8goBAQFyUQP7B7fhKc8AqpcHnQ09ip5gOfy5QMCtGImB
f1Y9lZtAmLFwOIkrfdaL2vCWJKIKc7yg8+FwtmX6Q8yYWH4TdE5eWOGIKSfl5Q8f
etVgF2B49T5Lxxb02ah5cHfO8baOqQOTMkvzQ9bj0XVqAItPoPjDTCOAAegwKZ3V
6L+kZQn89lY=
=KkAX
-----END PGP SIGNATURE-----
Return to August 1995
Return to “JMKELSEY@delphi.com”
1995-08-19 (Fri, 18 Aug 95 19:42:20 PDT) - Time-memory tradeoff in SSL’s RC4 code? - JMKELSEY@delphi.com