[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: thoughts on RC4

To: Bill Sommerfeld <[email protected]>, [email protected]
Subject: Re: thoughts on RC4
From: "Ian Farquhar" <[email protected]>
Date: Mon, 19 Sep 1994 15:34:44 -0500
Cc: [email protected]
In-Reply-To: Bill Sommerfeld <[email protected]> "Re: thoughts on RC4" (Sep 15, 1:05pm)
References: <[email protected]>
Sender: [email protected]

On Sep 15,  1:05pm, Bill Sommerfeld wrote:
> Actually, I'm not sure that it's that impractical, but I don't know a
> heck of a lot about VLSI or hardware design.  A fully pipelined chip
> would require significantly more more chip area than the DES cracker,
> but you probably don't need that.

One of the issues I looked at over the weekend was the parallelization of
the key scheduler, which is definitely a non-trivial problem.  One thought
that did occur to me was that there might be a massively parallel
solution to this which has a practical implementation up to 48 bits,
but not over this.  I'll post more about this when I get some time, but
I've got to disagree with Bill here that a simple RC4 implementation (without
a parallel key schedule setup) would take more die area than a DES cracker.
Ultimately, it is a VERY simple cipher, and the VLSI implementation would
reflect this.

Even so, the release of the algorithm confirms the RSADSI position that
an exhaustive keysearch would be a slow operation, given the setup
time required for the key schedule setup.

BTW, just an idle question: why is RC4 a stream cipher, as opposed to an
8-bit block cipher?  Based on the implementation, it would seem to be the
later to me.

							Ian.

References:
- Re: thoughts on RC4
  - From: Bill Sommerfeld <[email protected]>

Prev by Date: Re: if this is RC4
Next by Date: Acapulco H.E.A.T. Auxilliary Review
Prev by thread: Re: thoughts on RC4
Next by thread: Re: thoughts on RC4
Index(es):
- Date
- Thread