From: "James A. Donald"
Subject: Re: Fast MAC algorithms?

james hughes wrote:

On Jul 27, 2009, at 4:50 AM, James A. Donald wrote:
No one can break arcfour used correctly - unfortunately, it is tricky to use it correctly.

RC-4 is broken when used as intended.
If you take these into consideration, can it be used "correctly"?

Hence "tricky"

By the same argument a Vigenère cipher is "tricky" to use securely, same with monoalphabetic and even Caesar. Not that RC4 is anywhere near the brokenness of Vigenère, etc, but the same argument can be applied, so the argument is flawed.

The question is: What level of heroic effort is acceptable before a cipher is considered broken? Is AES-256 still secure? 3-DES? Right now, to me AES-256 seems to be about the line, it doesn't take significant effort to use it securely, and the impact on the security of modern protocols is effectively zero, so it doesn't need to be retired, but I wouldn't recommend it for most new protocol purposes. RC4 takes excessive heroic efforts to avoid the problems, and even teams with highly skilled members have gotten it horribly wrong. Generally, using RC4 is foolish at best.

Joe
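As an added illustration (not part of this thread) of what "broken when used as intended" and "tricky to use correctly" mean in practice: the script below implements RC4 and measures the Mantin-Shamir second-byte bias, where the second keystream byte is 0x00 with probability about 1/128 instead of the uniform 1/256, and shows that the bias disappears when the first 256 keystream bytes are discarded (the "RC4-drop" workaround). The key lengths, trial counts and seeded PRNG are choices made here; the keys are constructed sample inputs.

```python
"""Measure the Mantin-Shamir second-byte bias in RC4 keystreams.

Added illustration, not from the mailing-list thread: over random keys,
RC4's second output byte is zero roughly twice as often as a uniform
source would produce (~1/128 vs 1/256). Dropping the first 256 bytes
is one of the extra steps needed to hide this, which is the "tricky" part.
"""
import random


def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """Return n bytes of RC4 keystream after discarding `drop` bytes."""
    # Key-scheduling algorithm (KSA)
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Pseudo-random generation algorithm (PRGA)
    out = bytearray()
    i = j = 0
    for k in range(drop + n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        if k >= drop:
            out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def second_byte_zero_rate(trials: int, drop: int = 0, key_len: int = 16,
                          seed: int = 1) -> float:
    """Fraction of random keys whose second emitted byte is 0x00.

    A seeded PRNG makes the measurement repeatable; the keys are
    constructed sample inputs, not keys from any real system.
    """
    rng = random.Random(seed)
    zeros = 0
    for _ in range(trials):
        key = bytes(rng.getrandbits(8) for _ in range(key_len))
        if rc4_keystream(key, 2, drop)[1] == 0:
            zeros += 1
    return zeros / trials


if __name__ == "__main__":
    raw = second_byte_zero_rate(20000)
    dropped = second_byte_zero_rate(10000, drop=256)
    print(f"P[Z2 = 0] raw: {raw:.5f}  (uniform would be {1/256:.5f})")
    print(f"P[Z2 = 0] after dropping 256 bytes: {dropped:.5f}")
```

The raw rate lands near 0.0078 and the dropped rate near 0.0039; the gap is the bias that lets a passive observer learn plaintext bytes from enough RC4 sessions, and removing it is exactly the kind of protocol-level care the thread argues most teams get wrong.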
