Pete Chown <[EMAIL PROTECTED]> writes: > Bill Stewart wrote: > > > These days nobody *has* a better cryptosystem than you do They might > > have a cheaper one or a faster one, but for ten years the public's > > been able to get free planet-sized-computer-proof crypto ... > > I seem to remember that the Nazis said the same thing about Enigma. > Even when evidence began to filter back that it had been broken, they > ignored it because they were so confident that a break was impossible. > > It's true that protocol and programming problems account for the huge > majority of security holes. The WEP break, though, was one notable > exception. They were using an established cryptosystem (RC4) with a > planet sized key (128 bits). However, a weakness in RC4 itself let them > down. This isn't 100% true.
There were known (less practical but still better than just theoretical) attacks on RC4 as used in WEP even before the RC4 weak key work. WEP was a bad design through and through. -Ekr -- [Eric Rescorla [EMAIL PROTECTED]] http://www.rtfm.com/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]