In message <[EMAIL PROTECTED]>, Damien Miller writes: >The common wisdom when using (A)RC4 as a PRNG seems to be to discard >the first few bytes of keystream it generates as it may be correlated >to the keying material. > >Does anyone have a reference that describes this in more detail? Or >am I confused :) >
Seee http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html for lots of references on RC4 and attacks on it. --Steve Bellovin, http://www.research.att.com/~smb Full text of "Firewalls" book now at http://www.wilyhacker.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]