While I'm not claiming RC4 is strong, the main problem is that WEP misuses it. As I understand it, the recommendation for a long time has been that you either throw away the first 256 bytes of stream key output or use a different key on every message. WEP does neither. TKIP, the new security mode for 802.11 designed for feeble legacy hardware, still uses RC4 but does change keys on every message.
Thanks,
Donald
======================================================================
 Donald E. Eastlake 3rd                       [EMAIL PROTECTED]
 155 Beaver Street              +1-508-634-2066(h) +1-508-851-8280(w)
 Milford, MA 01757 USA                        [EMAIL PROTECTED]

On Sun, 9 Feb 2003, Pete Chown wrote:

> Date: Sun, 09 Feb 2003 13:51:07 +0000
> From: Pete Chown <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Columbia crypto box
>
> Bill Stewart wrote:
>
> > These days nobody *has* a better cryptosystem than you do.  They might
> > have a cheaper one or a faster one, but for ten years the public's
> > been able to get free planet-sized-computer-proof crypto ...
>
> I seem to remember that the Nazis said the same thing about Enigma.
> Even when evidence began to filter back that it had been broken, they
> ignored it because they were so confident that a break was impossible.
>
> It's true that protocol and programming problems account for the huge
> majority of security holes.  The WEP break, though, was one notable
> exception.  They were using an established cryptosystem (RC4) with a
> planet sized key (128 bits).  However, a weakness in RC4 itself let them
> down.
>
> > ... if you don't like it, you can switch from 3DES and 1024-bit RSA
> > to 5DES and/or 4096-bit RSA.
>
> I don't know about 4096-bit, but you should switch to something if you
> care about security; recent results imply that it may be possible to
> factor 1024-bit numbers.
