You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"For an ideal stream cipher, the first byte of the keystream should tell me nothing about the key. In RC4, it gives me some information about the first three bytes of the key. The latter seems less serious: after all, the attacker isn’t supposed to know the state of the cipher."
If the attacker knows the plaintext and the ciphertext, they could XOR them to produce the keystream, right? And therefore learn something about the key per the above (but without knowing anything about the internal state of the cipher)? If so, that seems exploitable and worth mentioning.
The text was updated successfully, but these errors were encountered:
"For an ideal stream cipher, the first byte of the keystream should tell me nothing about the key. In RC4, it gives me some information about the first three bytes of the key. The latter seems less serious: after all, the attacker isn’t supposed to know the state of the cipher."
If the attacker knows the plaintext and the ciphertext, they could XOR them to produce the keystream, right? And therefore learn something about the key per the above (but without knowing anything about the internal state of the cipher)? If so, that seems exploitable and worth mentioning.
The text was updated successfully, but these errors were encountered: