Pete Chown <[EMAIL PROTECTED]> writes:
> Bill Stewart wrote:
>
> > These days nobody *has* a better cryptosystem than you do They might
> > have a cheaper one or a faster one, but for ten years the public's
> > been able to get free planet-sized-computer-proof crypto ...
>
> I seem to remember that the Nazis said the same thing about Enigma.
> Even when evidence began to filter back that it had been broken, they
> ignored it because they were so confident that a break was impossible.
>
> It's true that protocol and programming problems account for the huge
> majority of security holes. The WEP break, though, was one notable
> exception. They were using an established cryptosystem (RC4) with a
> planet sized key (128 bits). However, a weakness in RC4 itself let them
> down.
This isn't 100% true.
There were known (less practical but still better than just theoretical)
attacks on RC4 as used in WEP even before the RC4 weak key work.
WEP was a bad design through and through.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
