POV-Ray: Newsgroups: povray.off-topic: Is this the end of the world as we know it?: Re: Is this the end of the world as we know it?

POV-Ray : Newsgroups : povray.off-topic : Is this the end of the world as we know it? : Re: Is this the end of the world as we know it?		Server Time 31 Jul 2024 18:24:31 EDT (-0400)

From: Invisible
Date: 11 Oct 2011 04:05:23
Message: <4e93f8c3$1@news.povray.org>

On 10/10/2011 06:04 PM, Darren New wrote:
> On 10/10/2011 3:11, Invisible wrote:
>> RC4? Man, how ancient is that? You realise it was a weakness in RC4 that
>> allowed WEP to be broken, right?
>
> No. It was sending the key with each packet of data that allowed WEP to
> be broken.

Technically, it was
1. Restarting the keystream for each packet.
2. Using related keys for each packet.

> A stream cipher is a terrible tool to encrypt a packet-switched network.

Probably. (Personally, I don't like stream ciphers, but anyway...)

>> (Sadly, on further investigation, it appears that TLS 1 still uses RC4 or
>> Triple-DES. So much for HTTPS being secure...)
>
> RC4 hasn't been broken if you don't restart the stream for every packet.

RC4 has weaknesses concerning related keys. Also, the first few KB of 
the keystream is quite weak. Also, the keystream has certain statistical 
weaknesses. Also...

Wikipedia says something about AES being supported in TLS. But not the 
version(s) that everybody actually uses, by the looks of it.

Post a reply to this message