From: Jack Mott <thecrow@iconn.net>
Date: Sat, 6 Apr 1996 17:56:59 +0800
To: cypherpunks@toad.com
Subject: rc4 weak keys fix?
Message-ID: <3165F409.286E@iconn.net>
MIME-Version: 1.0
Content-Type: text/plain


I got a paper from the cryptography technical report server
"http://www.itribe.net/CTRS/" about a weak class of RC4 keys.  The
report said that with some keys, it was possible to predict what some
parts of the State-Box would be.  I was thinking of a way to fix this,
and had this idea:

do some sort of hashing function with the key that derives a number
between 55 and 500 or something like that, then scrabmle the S-box that
many times.  In this way, the chances that the State-Box will have any
correlation becomes extremely small.  I think it is 1/125 to begin with
anyway, so this would make it around  1/(125*NumPasses).  And since the
exact number of passes is a function of the key, the cracker won't know
how many times it went through.   I tried this out and having 1000s of
passes doesn't effect the randomness of the state-box in any negative
way, possibly it makes it more random? If anyone has any thoughts I'd
love to hear them.
--
thecrow@iconn.net
"It can't rain all the time"