[12496] in cryptography@c2.net mail archive

Re: Columbia crypto box

daemon@ATHENA.MIT.EDU (bear)
Mon Feb 10 15:09:44 2003

X-Original-To: cryptography@wasabisystems.com
Date: Mon, 10 Feb 2003 11:47:31 -0800 (PST)
From: bear <bear@sonic.net>
To: Matthew Byng-Maddick <cryptography@lists.colondot.net>
Cc: Donald Eastlake 3rd <dee3@torque.pothole.com>,
	<cryptography@wasabisystems.com>
In-Reply-To: <20030210155653.GA34816@colon.colondot.net>



On Mon, 10 Feb 2003, Matthew Byng-Maddick wrote:

>On Sun, Feb 09, 2003 at 11:43:55PM -0500, Donald Eastlake 3rd wrote:
>> been that you either throw away the first 256 bytes of stream key output
>> or use a different key on every message. WEP does neither. TKIP, the new
>
>You NEVER, EVER, re-use the key for a stream cipher, if you do, you might
>as well just give up. By re-using the key, I can get
>plaintext (combinator) plaintext, which is easier to solve than
>plaintext (combinator) cipherstream.
>
>It's one of those things, like re-using a pad.

Actually, it is re-using a pad, exactly.  It's just a pseudorandom
pad (stream cipher) instead of a one-time pad.

And while WEP had problems, it didn't have that particular problem.
New messages with the "same" key would use a later chunk of the
cipherstream pad under WEP.

			Bear
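
Added example, not part of the original message or thread: the key-reuse point discussed above, worked through with RC4 (the stream cipher WEP uses) on constructed messages. The key, the messages, the function names and the SHA-256 per-message key derivation are assumptions made for illustration.

```python
# Added illustration of stream-cipher key reuse; all sample values are constructed.
import hashlib

def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """Return n bytes of RC4 keystream, discarding the first `drop` bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling (KSA)
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(drop + n):                 # output generation (PRGA)
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out[drop:])

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, msg: bytes, drop: int = 0) -> bytes:
    return xor(msg, rc4_keystream(key, len(msg), drop))

def per_message_key(master: bytes, nonce: bytes) -> bytes:
    # Assumption: one simple way to get "a different key on every message".
    return hashlib.sha256(master + nonce).digest()

KEY = b"constructed-key"                      # constructed sample values
P1 = b"meeting moved to 14:00 room B"
P2 = b"invoice total is 1250 dollars"

def reuse_demo():
    """Same key twice: the pad cancels and plaintext XOR plaintext remains."""
    c1, c2 = encrypt(KEY, P1), encrypt(KEY, P2)
    leaked = xor(c1, c2)                      # keystream drops out entirely
    recovered = xor(leaked, P1)               # knowing P1 yields P2
    return leaked == xor(P1, P2), recovered

def fresh_key_demo():
    """Per-message key plus a 256-byte discard: the pads no longer cancel."""
    c1 = encrypt(per_message_key(KEY, b"\x00\x01"), P1, drop=256)
    c2 = encrypt(per_message_key(KEY, b"\x00\x02"), P2, drop=256)
    return xor(c1, c2) == xor(P1, P2)

if __name__ == "__main__":
    print(reuse_demo(), fresh_key_demo())
```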

