Hello Users,
Just want to understand the impact of openssl for RC4 Bar mitzvah attack.
Please correct me if my understanding is wrong, basically this attack is
triggered based on the design of RC4.
openssl is one of the implementers of RC4 algo.
I am not sure if there will be any design change
Technology Specialist, Micro Focus
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Sandeep Umesh
Sent: Monday, April 06, 2015 14:20
To: OpenSSL User Support ML
Subject: [openssl-users] openssl impact on CVE-2015-2808
Just want to understand the impact of openssl for RC4
Please correct me if my understanding is wrong, basically this attack is
triggered based on the design of RC4.
openssl is one of the implementers of RC4 algo.
There are biases in the stream created by RC4. In theory, and
adversary could use the biases to as a launchpad to recover plain text
