On Wed, 15 Oct 2014, Christoph Anton Mitterer wrote:
> I see it a bit differently:
> RC4 is broken. Full stop.
> Therefore new versions of clients and servers should per default not
> use/enable/accept it.
Sorry, but I *have* to nitpick here.

RC4 as used by SSL is mostly broken. (A server could reset login cookies to be invalid after, say, 65536 pageloads, so that the attack cannot be mounted. This would allow the use of RC4 in SSL for compatibility/interoperability.)

RC4 as used by arc4random is not broken, because arc4random (at least the more sane implementations) have one or several changes in effect that prevent the RC4 issues from being abused.

RC4 as used by WEP is broken. I think this cannot be phrased differently, either.

RC4 as used by Kerberos has been described to you already.

RC4 (aRC4) is just a stream cipher with some bad properties that can, mostly, be worked around in the protocol. But if the protocol does not do that, it's broken, yes.

bye,
//mirabilos
-- 
[16:04:33] bkix: "veni vidi violini"
[16:04:45] bkix: "ich kam, sah und vergeigte"...

Archive: https://lists.debian.org/alpine.deb.2.11.1410160946270.5...@tglase.lan.tarent.de