Penetration Testing mailing list archives

Re: [PEN-TEST] RC4

From: Erick fabrizio <fabrizio () TELEPATH COM>
Date: Tue, 28 Nov 2000 21:51:16 -0600

Per Bruce Schneier (numero uno crypto geek) in his "Applied
Cryptography" 2d. edition, the security of any encryption system lies in
the key, not the algorithm. An open source algorithm gets scrutinized by
lots of interested folks and, presumably, weaknesses are found and
fixed. The security of the key lies in it's true random generated
length. The longer the better, with a trade off between security and
functionality (speed).

Erick Fabrizio
Adjunct Professor
Information Assurance Management
Oklahoma State university

Jay Mobley wrote:


(snip) So my question is
this... If one has the source code to an encryption standard... how secure
is that standard???

-Jay Mobley
Interactive Explorers

Current thread:

[PEN-TEST] RC4 Jay Mobley (Nov 29)
- Re: [PEN-TEST] RC4 Erick fabrizio (Nov 29)
- Re: [PEN-TEST] RC4 Ryan Russell (Nov 29)
- Re: [PEN-TEST] RC4 Chris Deibler (Nov 29)
- Re: [PEN-TEST] RC4 Alan Olsen (Nov 29)
  - Re: [PEN-TEST] RC4 Robert van der Meulen (Nov 30)
- [PEN-TEST] RC4 Raju Mathur (Nov 29)