Re: thoughts on RC4
On Thu, 15 Sep 1994, Bill Sommerfeld wrote:
> > I wonder if the NSA would approve it? I think it was Bill Sommerfeld
> > who pointed out that it was a little curious that NSA approves RC4 with a
> > 40 bit key when hardware-assisted search like the DES key cracker would
> > appear to be impractical.
>
> Actually, I'm not sure that it's that impractical, but I don't know a
> heck of a lot about VLSI or hardware design. A fully pipelined chip
> would require significantly more chip area than the DES cracker,
> but you probably don't need that. I'm pretty sure you could make a
> blazingly fast, non-pipelined, chip with a "key setup" unit and then a
> "trial encrypt" unit which run in parallel; you clock the key setup
> unit 256 times to set up the key, then the key gets fed to the trial
> encrypt unit where it gets tried against the known
> plaintext/ciphertext pair..
>...
Don't forget the precomputation attack. The key setup only has to be done
2^40 times, ever. The initial state of the stream cipher can be stored on
a set of tapes that are read in parallel to perform the brute force
attack.
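
Added example, not part of the original message or thread: RC4 split into the "key setup" and "trial encrypt" stages described above, showing that the initial state depends only on the key and can therefore be computed once and reused against any known plaintext/ciphertext pair. The 12-bit toy keyspace, the function names and the sample messages are constructed for illustration; the thread's case is 40 bits.

```python
KEY_BITS = 12  # constructed toy keyspace so the table builds in well under a second

def key_setup(key: bytes) -> bytes:
    """RC4 key schedule: 256 swap steps whose result depends only on the key."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return bytes(s)

def keystream(state: bytes, n: int) -> bytes:
    """Generate n keystream bytes from a stored initial state (state is not modified)."""
    s = list(state)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def encrypt(key: bytes, data: bytes) -> bytes:
    ks = keystream(key_setup(key), len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def toy_key(k: int) -> bytes:
    """Encode an integer as a 5-byte (40-bit) key; only the low KEY_BITS bits vary."""
    return k.to_bytes(5, "big")

def build_table() -> list:
    """Run key setup once per key; nothing here depends on any message."""
    return [key_setup(toy_key(k)) for k in range(1 << KEY_BITS)]

def search(table: list, known_pt: bytes, ct: bytes) -> list:
    """Trial-encrypt from the stored states only; key setup is never repeated."""
    want = bytes(a ^ b for a, b in zip(known_pt, ct))
    return [k for k, st in enumerate(table) if keystream(st, len(want)) == want]

def table_bytes(key_bits: int) -> int:
    """Storage needed for one 256-byte initial state per key."""
    return (1 << key_bits) * 256

if __name__ == "__main__":
    table = build_table()
    pt = b"HELLO, WORLD"  # constructed known plaintext
    print(search(table, pt, encrypt(toy_key(0x5A3), pt)))  # the one matching key index
    print(table_bytes(40))  # bytes of storage for the full 40-bit table
```

The table is reusable only because the key alone determines the initial state. If a per-message salt is mixed into the RC4 key (an assumption here, not something the thread discusses), the stored states no longer match and `search` returns nothing.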