On Mon, 2005-08-22 at 16:39 -0500, Dennis Jenkins wrote:

> RC4 is basically an XOR against a huge one-time pad.

No it's not. The only thing like a one-time pad is a one-time pad. What makes an OTP secure isn't the protocol, but where the bits come from. If they come from ANYWHERE but a truly random source then it is not secure. RC4/ARCFOUR isn't a random source of bits, so it isn't a one-time pad.

> That pad is created using a "key scheduling algorithm".

No it's not. The key scheduling system moves S-boxes around. There are exactly 256 S-boxes with RC4/ARCFOUR. If you really did perform an XOR operation on those S-boxes you would have no security unless:

* your key was exactly 256 bytes
* your data stream was exactly 256 bytes

Nevertheless, it still wouldn't be much security because you probably didn't choose a strong key to begin with.

> The key state for the random number generator is 256 bytes of data and two
> 8-bit indices.

No it's not. The substitution array (S-boxes) is 256 bytes. It essentially translates one byte into another byte, then performs a permutation on the S-boxes. That permutation is fixed. The S-boxes are moved around each step, thus increasing the run-length. Unfortunately, it's not enough: getting the initial key bytes of the stream makes it much easier to reconstruct the rest of the swapping routine.

> There are several attacks that can be used to derive the original key
> state, but they all require huge samples of data to analyze.

No they don't. That's the problem. They only need a large number of _uses_ of the key, not large amounts of data. Adding some random junk to the beginning of the plaintext would help some, but I don't think SQLite does this.

> RC4 is not the strongest encryption available, but for most of us, it is good
> enough.

... and it wouldn't matter anyway because the key exists in the software that decrypts it. That's much easier to get to anyway.

> The best way to attack any system using sqlite w/ the crypto extension
> is to hook the call to "sqlite3_key()" and just steal the rc4 key
> directly.

Much easier than crunching numbers on a supercomputer. At least on this, I agree.
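For readers who want to see what the two posters are arguing about, here is RC4 written out in full, as an added example that is not part of the thread and not code from SQLite or its crypto extension. It implements the key-scheduling algorithm and the byte generator (whose state is the 256-byte array plus the two 8-bit indices), then goes beyond the thread in two ways: it shows concretely why a keystream is not a one-time pad (encrypt two messages under one key and the XOR of the ciphertexts is the XOR of the plaintexts, with no key recovery needed), and it measures the bias in the early keystream that makes the first output bytes dangerous, together with the usual mitigation of discarding them (RC4-drop). All function names are my own, the keys and messages are constructed for the demo, and the "Key"/"Plaintext" pair is the widely published RC4 test vector.

```python
"""RC4 (ARCFOUR) in full: key-scheduling (KSA), the byte generator (PRGA),
key reuse as a two-time pad, and the early-keystream bias.

Added example, not code from SQLite, its crypto extension, or either poster.
Function names are my own; keys and messages below are constructed.
"""
import random


def rc4_ksa(key: bytes) -> list[int]:
    """Key-scheduling: turn the key into a 256-entry permutation S.

    S starts as the identity permutation; the key only decides which entries
    get swapped. The algorithm itself limits keys to 1..256 bytes.
    """
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """PRGA: the full generator state is S plus two 8-bit indices i and j.

    Every output byte swaps two entries of S, so the permutation keeps
    changing. The earliest outputs are the ones most closely tied to the key
    bytes; discarding them (RC4-drop[n], commonly drop=256 or more) is the
    standard mitigation, and `drop` implements that here.
    """
    S = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for step in range(drop + n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        if step >= drop:
            out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR, truncated to the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))


def rc4_crypt(key: bytes, data: bytes, drop: int = 0) -> bytes:
    """Encryption and decryption are the same XOR against the keystream."""
    return xor_bytes(data, rc4_keystream(key, len(data), drop))


def two_time_pad_leak(key: bytes, p1: bytes, p2: bytes) -> bytes:
    """Reuse one key for two messages: c1 XOR c2 == p1 XOR p2.

    The keystream cancels out, so an eavesdropper learns the XOR of the
    plaintexts without touching the key. This is the property that
    separates any stream cipher from a real one-time pad.
    """
    return xor_bytes(rc4_crypt(key, p1), rc4_crypt(key, p2))


def recover_other_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """With one plaintext known (a crib), the other falls out directly."""
    return xor_bytes(xor_bytes(c1, c2), known_p1)


def second_byte_zero_rate(n_keys: int, drop: int, seed: int = 1) -> float:
    """Fraction of random 16-byte keys whose second keystream byte is 0.

    Uniform output would give about 1/256 (~0.0039). RC4's raw second byte
    is 0 roughly twice that often (the Mantin-Shamir bias), which is the
    kind of early-keystream leak that dropping the first bytes is meant to
    remove. The seed is fixed so the constructed keys are reproducible.
    """
    rng = random.Random(seed)
    zeros = 0
    for _ in range(n_keys):
        key = bytes(rng.getrandbits(8) for _ in range(16))
        if rc4_keystream(key, 2, drop)[1] == 0:
            zeros += 1
    return zeros / n_keys


if __name__ == "__main__":
    print("test vector:", rc4_crypt(b"Key", b"Plaintext").hex())
    k, p1, p2 = b"constructed-key", b"attack at dawn", b"hold position!"
    leak = two_time_pad_leak(k, p1, p2)
    print("c1 ^ c2 == p1 ^ p2:", leak == xor_bytes(p1, p2))
    c1, c2 = rc4_crypt(k, p1), rc4_crypt(k, p2)
    print("recovered with crib:", recover_other_plaintext(c1, c2, p1))
    print("P[Z2 = 0] raw     :", second_byte_zero_rate(20000, drop=0))
    print("P[Z2 = 0] drop 256:", second_byte_zero_rate(20000, drop=256))
```

Run it as a script to see the published test vector, the two-time-pad leak, and the measured second-byte bias side by side with the drop-256 rate. Note that the leak needs nothing but two ciphertexts under the same key, which is why the number of uses of a key matters more than the volume of data under it, and why a database file re-encrypted in place under one fixed key hands out exactly that kind of reuse.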