----- Original Message -----
From: "Ed Gerck" <[EMAIL PROTECTED]>
Subject: [!! SPAM] Re: Is AES better than RC4
Please note that my email was way different in scope. My opening
sentence, where I basically said that it does not make much sense
to compare RC4 with AES, was cut in your quote -- but here it is:
"AES has more uses and use modes than RC4, in addition to the fact that
it encrypts more than one byte at once. Having said that, it is curious
to note the following misconceptions:"
Yes I did snip that out. I figured everything we agreed on could be left out
easily enough. I apologize for removing something you considered core to
your view.
BTW, discarding the first 100's of bytes in RC4 is easy, fast, and
has nothing to with lack of "key agility". And, if you do it, you don't
even have to hash the key (ie, you must EITHER hash the key OR discard the
first bytes).
From my view it does. Every extra clock cycle has an impact on key agility,
even 1 byte of RC4 discards slows the rekeying process, and as a result it
does affect the effective key agility. That only 256 discards are necessary
does not mean that those extra 256*(clock cycles per pull) clock cycles
don't affect key agility. At what point do we say "This affects key agility"
when it increases the time by 1%? 10%? 100%? If we don't consider every
cycle to reduce key agility it's all just a matter of scale. This does mean
that different implementations will have different key agilities, but if you
look hostorically RC2 makes a great example of where the attacker has
substantially more key agility than the legitimate user, so it is not
without precedent.
Joe
Joe
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
