[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Editorial: Use of MAY in draft-ietf-ipsec-ikev2-algorithms

On Mon, 16 Jun 2003, Paul Koning wrote:
> Yes, but the troubles with WEP, as I recall, don't come from its
> cipher, but rather from the stuff that was wrapped around it without
> any regard to proper cryptographic design.

Correct.  The cipher is RC4, which is (last I heard) still thought to be
okay.  The problem is that WEP generates keys by a distinctly non-random
process which produces many closely-related keys, and nobody thought to
ask whether this was a weakness.  It is.

                                                          Henry Spencer