Message-Id: <200211122053.gACKrHUs000010@ginger.cmf.nrl.navy.mil>
To: Sam Hartman
Cc: krb5-bugs@mit.edu
Subject: Re: SAM uses RC4 insecurely
In-Reply-To: Your message of "Tue, 12 Nov 2002 13:24:50 EST."
Date: Tue, 12 Nov 2002 15:53:15 -0500
From: Ken Hornstein

>Well, there is a derive-key for rc4, but it only takes keyusage as
>input, not a string.

Hm, I think I'm confused. I see where the keyusage gets fed into the
algorithm in the Brezak draft, but what I don't see is anything that
looks like derive-key for rc4. Maybe we're not talking about the same
thing.

>Defining dk in terms of dr would work for rc4 if you had a reasonable
>definition of dr, but you currently do not.

Maybe I'm being dense again (and not knowing much about rc4, other than
glancing over the routines that implement it) but would it be reasonable
to pretend for the purposes of rc4 and dr that the blocksize was equal
to the keysize? I think that would prevent the attack you described.
Or just keep state between calls to the encryption routine.
Like you said, dr still needs to be defined for rc4; just thinking out
loud here.

--Ken