All very true... but I don't see anything suggesting a particularly good KPT attack on RC4. There's one paper I read suggesting a way to reduce the search space a little, but TKIP solves the major problem with WEP.

> If you look at the serious research, you find that even folks using what
> they think are good passphrases use the same, weak ones. There are about
> 30,000 words in a typical college educated English speaker's vocabulary.
> That is a trivial number to push through a dictionary attack. Even if
> you change from English to LeetSpeak, it's still a fairly small number in
> crypto terms.

Obviously, anything which is in a dictionary is as good as broken, but that's not really what I'm talking about. Once you get out of the realm of anything in a reasonable dictionary (i.e. random chars) you start getting into _how_ random it is (like your comment about an MD5 hash not being random enough). My point is that whilst good randomness is needed to implement an algo, it's not needed to generate a key, provided the attacker doesn't have access to or knowledge of how you did it.

Anyway, this is, as you say, way off topic. I'm off to bed with my old copy of Applied Crypto :)

--
radish
