1996-04-13 - Re: RC4 improvement idea

Header Data

From: jamesd@echeque.com
To: cypherpunks@toad.com
Message Hash: 42c7ea9017c4f34b31e74e433117d90e1d11ae559e1257363630c2a955cad540
Message ID: <199604120717.AAA17361@mail1.best.com>
Reply To: N/A
UTC Datetime: 1996-04-13 13:14:08 UTC
Raw Date: Sat, 13 Apr 1996 21:14:08 +0800

Raw message

From: jamesd@echeque.com
Date: Sat, 13 Apr 1996 21:14:08 +0800
To: cypherpunks@toad.com
Subject: Re: RC4 improvement idea
Message-ID: <199604120717.AAA17361@mail1.best.com>
MIME-Version: 1.0
Content-Type: text/plain


<jamesd@echeque.com> wrote:
> > Such keys are not weak.

At 02:57 AM 4/9/96 -0700, David Wagner wrote:
> No, the report was right: the weak keys are real.
>
> For one key in 256, you have a 13.6% chance of recovering 16 bits of
> the original key.
>
> On average, the work factor per key recovered is reduced by a factor
> of 35 (i.e. the effective keylength is reduced by 5.1 bits) by using
> this class of weak keys.

Why do you not just assume the last byte of the key is 0x4A

Then for one key in 256 the effective keylength is reduced by a
whole 8 bits instead of a measly 5.1 bits.
 ---------------------------------------------------------------------
              				|  
We have the right to defend ourselves	|   http://www.jim.com/jamesd/
and our property, because of the kind	|  
of animals that we are. True law	|   James A. Donald
derives from this right, not from the	|  
arbitrary power of the state.		|   jamesd@echeque.com






Thread