[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: arcfour



-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 29 Jun 1996, Steve Reid wrote:

> A few questions about RC4...
> 
> I understand that RC4 is like a one-time-pad, in that a key can not be
> used more than once. What about adding a different salt to the key for
> each encryption? Would that be sufficent, even if the salt (but not the
> rest of the key) were known to an attacker? 

Probably.  
> 
> Is there any way to identify and weed out weak keys?

Keys starting with the sequence "00 00 FD", and "03 FD FC" are weak.

> 
> Does anyone have any sample data I can use to test an RC4 implementation?
> A key and the first few bytes of the stream should be sufficent. 

There are a few test vectors included in the original alleged-RC4 file
available on the usual crypto FTP sites.

- -- Mark

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[email protected]              | finger -l for PGP key 0xe3bf2169
http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348
"Freedom is the freedom to say that two plus two make four.  If that
is granted, all else follows."  --George Orwell, _1984_


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMdbm/LZc+sv5siulAQHksQP9GkdqWiJ7s2ST4QF9ZwcFtFxzTk/PJskh
ReNuvXEmWFChkP0AVHJq8USFJDL4CuN4GI7d3sQpn+2HjFw+bcklCuH9zJrret2Y
mD7boKcYhzvi/abaKY9FF9/BNtC33yahrjhEIxYFx6QNTLGM9KCjBZIG7/sOAQvq
aMSYbfVhvz8=
=cgR3
-----END PGP SIGNATURE-----