----- Original Message ----- From: "James A. Donald" <[EMAIL PROTECTED]>
Subject: [!! SPAM] Re: Is AES better than RC4

Joseph Ashwood wrote:
> RC4 should have been retired a decade ago,


It is in general distuingable from random, actually quite quickly.
The first few bytes are so biased that any security is imaginary.
Using it securely requires so much in the way of heroic efforts that the overall system slows down into the same speed class as a much simpler, more secure design based on AES (or 3DES, or a dozen other ciphers). The key anti-agility slows it down to the point of being functionally unusable for any system that requires rekeying. It's only redeeming factors are that the cipher itself is simple to write, and once keyed it is fast. Neither of these is of any substantial use after considering the previous major issues. Joe

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to