In message <[EMAIL PROTECTED]>, "Paul A.S. Ward" writes:
>Is it really fair to blame WEP for not using AES when AES wasn't around
>when WEP was being created?
>
Of course they couldn't have used AES. But there are other block
ciphers they could have used. They could have used key management.
They could have added a MAC. They could have used a longer "IV" field,
with a random starting point mandated by the spec. Or they could have
put a big warning on saying "this doesn't protect you from very much".
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
