[144668] in cryptography@c2.net mail archive
Re: Fast MAC algorithms?
daemon@ATHENA.MIT.EDU (Joseph Ashwood)
Sun Aug 2 13:02:45 2009
From: "Joseph Ashwood" <ashwood@msn.com>
To: <cryptography@metzdowd.com>
In-Reply-To: <4A754665.9000604@echeque.com>
Date: Sun, 2 Aug 2009 04:07:51 -0700
--------------------------------------------------
From: "James A. Donald" <jamesd@echeque.com>
Subject: Re: Fast MAC algorithms?
> Joseph Ashwood wrote:
>>>> RC-4 is broken when used as intended.
>> ...
>>>> If you take these into consideration, can it be used "correctly"?
>
> James A. Donald:
>>> Hence "tricky"
>
> Joseph Ashwood wrote:
>> By the same argument a Vigenere cipher is "tricky" to use securely, same
>> with monoalphabetic and even Caesar. Not that RC4 is anywhere near the
>> brokenness of Vigenere, etc, but the same argument can be applied, so the
>> argument is flawed.
>
> You cannot use a Vigenere cipher securely. You can use an RC4 cipher
> securely: To use RC4 securely discard the first hundred bytes of output,
> and renegotiate the key every gigabyte.
The way to use a Vigenere securely is to apply an All-Or-Nothing-Transform
to the plaintext, then encrypt, this results in the attacker entropy of the
system that is in excess of the size, and therefore an OTP. There are other
ways, but this method is not significantly more complex than the efforts
necessary to secure RC4 and results in provable secrecy. It is just tricky
to use a Vigenere securely.
Joe
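
The RC4 handling described in the quoted reply above (discard the first hundred bytes of output, renegotiate the key every gigabyte), as an added example that is not part of the original message or either poster's code. The class and exception names, and reading "a gigabyte" as 2**30 bytes, are assumptions.

```python
class RekeyRequired(Exception):
    """Raised when the per-key output budget is exhausted."""


class RC4Drop:
    """RC4 that discards the first `drop` keystream bytes and enforces a
    per-key byte budget (names and defaults are illustrative assumptions)."""

    def __init__(self, key: bytes, drop: int = 100, rekey_after: int = 2**30):
        if not 1 <= len(key) <= 256:
            raise ValueError("RC4 key must be 1..256 bytes")
        if drop < 0 or rekey_after < 0:
            raise ValueError("drop and rekey_after must be non-negative")
        # Key-scheduling algorithm: permute S under control of the key.
        s, j = list(range(256)), 0
        for i in range(256):
            j = (j + s[i] + key[i % len(key)]) & 0xFF
            s[i], s[j] = s[j], s[i]
        self._s, self._i, self._j = s, 0, 0
        self._remaining = rekey_after
        # Throw away the early keystream; it does not count against the budget.
        self._keystream(drop)

    def _keystream(self, n: int) -> bytes:
        s, i, j = self._s, self._i, self._j
        out = bytearray(n)
        for k in range(n):
            i = (i + 1) & 0xFF
            j = (j + s[i]) & 0xFF
            s[i], s[j] = s[j], s[i]
            out[k] = s[(s[i] + s[j]) & 0xFF]
        self._i, self._j = i, j
        return bytes(out)

    def process(self, data: bytes) -> bytes:
        """Encrypt or decrypt `data` (the XOR is the same both ways)."""
        if len(data) > self._remaining:
            # Refuse before generating keystream so both ends stay in sync.
            raise RekeyRequired("byte budget for this key is used up")
        self._remaining -= len(data)
        return bytes(a ^ b for a, b in zip(data, self._keystream(len(data))))


if __name__ == "__main__":
    key = b"constructed sample key"  # constructed sample input
    ct = RC4Drop(key).process(b"hello, list")
    print(ct.hex(), RC4Drop(key).process(ct))
```

With `drop=0` the class is plain RC4, which is how the test below checks it against the widely published "Key"/"Plaintext" vector.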