----- Original Message ----- From: "Ed Gerck" <[EMAIL PROTECTED]>
Subject: [!! SPAM] Re: Is AES better than RC4

Please note that my email was way different in scope. My opening
sentence, where I basically said that it does not make much sense
to compare RC4 with AES, was cut in your quote -- but here it is:

"AES has more uses and use modes than RC4, in addition to the fact that
it encrypts more than one byte at once. Having said that, it is curious
to note the following misconceptions:"

Yes I did snip that out. I figured everything we agreed on could be left out easily enough. I apologize for removing something you considered core to your view.

BTW, discarding the first 100's of bytes in RC4 is easy, fast, and
has nothing to with lack of "key agility". And, if you do it, you don't
even have to hash the key (ie, you must EITHER hash the key OR discard the
first bytes).

From my view it does. Every extra clock cycle has an impact on key agility,
even 1 byte of RC4 discards slows the rekeying process, and as a result it does affect the effective key agility. That only 256 discards are necessary does not mean that those extra 256*(clock cycles per pull) clock cycles don't affect key agility. At what point do we say "This affects key agility" when it increases the time by 1%? 10%? 100%? If we don't consider every cycle to reduce key agility it's all just a matter of scale. This does mean that different implementations will have different key agilities, but if you look hostorically RC2 makes a great example of where the attacker has substantially more key agility than the legitimate user, so it is not without precedent.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to