David Wagner
Sun, 25 Jul 1999 20:03:28 -0700
In article <v04011700b3c0b0807cfc@[24.218.56.100]>,
Arnold G. Reinhold <[EMAIL PROTECTED]> wrote:
> One nice advantage of using RC4 as a nonce generator is that you can easily
> switch back and forth between key setup and code byte generation. You can
> even do both at the same time. (There is no need to reset the index
> variables.) This allows you to intersperse entropy deposits and withdrawals
> at will.

Oh dear! This suggestion worries me. Is it reasonable to expect this
arrangement to be secure against e.g. chosen-entropy attacks?
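The arrangement discussed above, as an added illustration that is not part of the original message and not either poster's code: a small harness for examining the chosen-entropy question. It assumes a deposit is one RC4 key-setup step per input byte and a withdrawal is one output step, sharing `i` and `j`; the names `RC4Pool`, `deposit`, `withdraw` and `neutral_input` are hypothetical. It also assumes the input source knows the current state, and under that assumption checks whether inputs exist that leave the permutation untouched.

```python
# Added illustration; the deposit/withdraw split is an assumed reading of the quoted scheme.
class RC4Pool:
    """RC4 state used as an entropy pool; i and j are shared and never reset."""

    def __init__(self):
        self.S, self.i, self.j = list(range(256)), 0, 0

    def deposit(self, data):
        """Entropy deposit: one RC4 key-setup step per input byte."""
        S = self.S
        for b in data:
            self.j = (self.j + S[self.i] + b) & 0xFF
            S[self.i], S[self.j] = S[self.j], S[self.i]
            self.i = (self.i + 1) & 0xFF

    def withdraw(self, n):
        """Entropy withdrawal: n RC4 output-generation steps."""
        S, out = self.S, bytearray()
        for _ in range(n):
            self.i = (self.i + 1) & 0xFF
            self.j = (self.j + S[self.i]) & 0xFF
            S[self.i], S[self.j] = S[self.j], S[self.i]
            out.append(S[(S[self.i] + S[self.j]) & 0xFF])
        return bytes(out)

    def clone(self):
        c = RC4Pool()
        c.S, c.i, c.j = list(self.S), self.i, self.j
        return c


def neutral_input(pool, n):
    """For a KNOWN state, build n input bytes that each force j == i,
    so every deposit step swaps S[i] with itself."""
    sim, out = pool.clone(), bytearray()
    for _ in range(n):
        b = (sim.i - sim.j - sim.S[sim.i]) & 0xFF
        out.append(b)
        sim.deposit(bytes([b]))
    return bytes(out)


def neutral_deposit_leaves_state_unchanged():
    pool = RC4Pool()
    pool.deposit(b"constructed seed material")  # constructed sample input
    pool.withdraw(16)                           # interleave a withdrawal
    before = list(pool.S)
    pool.deposit(neutral_input(pool, 64))       # 64 bytes chosen with state knowledge
    return before == pool.S                     # True: permutation absorbed nothing
```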