[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 64 bit crypto

To: [email protected]
Subject: Re: 64 bit crypto
From: [email protected] (Thaddeus J. Beier)
Date: Sun, 10 Sep 1995 18:57:36 -0700
Sender: [email protected]


John A. Limpert says:
> Why would the attacker need to run the key setup 65536 times?

I could have been more clear.

Forgive a little bit of code...

Here is the beginning of the alleged RC4:
		for(counter = 0; counter < 256; counter++)
					state[counter] = counter;
        index2 = 0;
        key->x = key->y = index1 = index2 = 0;
        for(counter = 0; counter < 256; counter++)
        {
                index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
                swap_byte(&state[counter], &state[index2]);

                index1 = (index1 + 1) % key_data_len;
        }

If it was changed to

		for(counter = 0; counter < 256; counter++)
                    state[counter] = counter;
        key->x = key->y = index1 = index2 = 0;
		for(i = 0; i < 65536) {	/* stir the pot a long time */
			for(counter = 0; counter < 256; counter++)
			{
					index2 = (key_data_ptr[index1] + state[counter] + index2) % 256;
					swap_byte(&state[counter], &state[index2]);

					index1 = (index1 + 1) % key_data_len;
			}
		}

Then the prepare_key routine would take much much longer.

The idea is that a 64 bit crypto routine can be arbitrarily
secure against brute-forcing, if you are willing to pay a
runtime penalty every time you use it.

thad
-- Thaddeus Beier                   email:  [email protected]
   Technology Development             vox:  408) 286-3376
   Hammerhead Productions             fax:  408) 292-8624

Follow-Ups:
- Re: 64 bit crypto
  - From: Michael Handler <[email protected]>

Prev by Date: Digital Fingerprinting
Next by Date: Re: question about reputation
Prev by thread: RE: 64 bit crypto
Next by thread: Re: 64 bit crypto
Index(es):
- Date
- Thread