Re: [dm-devel] [PATCH] crypto/arc4: convert this stream cipher into a block cipher
- From: Herbert Xu <herbert gondor apana org au>
- To: Mikulas Patocka <mpatocka redhat com>
- Cc: linux-crypto vger kernel org, Sebastian Andrzej Siewior <sebastian breakpoint cc>, dm-devel redhat com, agk redhat com, mbroz redhat com
- Subject: Re: [dm-devel] [PATCH] crypto/arc4: convert this stream cipher into a block cipher
- Date: Tue, 23 Feb 2010 08:15:20 +0800
On Mon, Feb 22, 2010 at 02:40:49PM -0500, Mikulas Patocka wrote:
>
> > So what we could do is simply add a new blkcipher arc4, alongside
> > the existing cipher arc4. Then we can convert the existing users
> > across, and finally remove the old arc4.
>
> arc4 can't be used as a block cipher --- see this paper
> http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps , it says
> that initialization vectors on RC4 are unreliable, if you use (unknown key
> concatenated with known IV) or (known IV concatenated with unknown key) as
> a RC4 key, the RC4 state can be exposed and the cipher is broken.
What we call a blkcipher is not really a block cipher. In fact,
what we call "cipher" is really a block cipher. So we're actually
changing arc4 so that it doesn't get used as a block cipher, i.e.,
you will no longer be able to say "cbc(arc4)" or some such.
I know it's confusing and perhaps one day we will rename blkcipher
to skcipher and cipher to blkcipher.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert gondor apana org au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
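Added illustration (not part of the thread and not kernel code): a minimal RC4 in Python that makes Herbert's point concrete. A stream cipher keeps its state across calls, so encrypting a message in several pieces gives the same bytes as encrypting it in one go, and there is no fixed block on which a chaining mode such as CBC could operate. It also shows the property behind Mikulas's concern: the keystream is a deterministic function of the key alone, so two messages under one key share a keystream, which is why a fresh key per message is required and why a naive key||IV construction is the weak spot the cited paper discusses. The class and function names (RC4, encrypt, encrypt_in_chunks, keystream_is_deterministic) are my own; the test vectors are the commonly published RC4 ones.

```python
"""RC4 with stream-cipher semantics: state persists across crypt() calls."""


class RC4:
    """RC4 keystream generator; one instance == one keyed stream."""

    def __init__(self, key: bytes):
        if not 1 <= len(key) <= 256:
            raise ValueError("RC4 key must be 1..256 bytes")
        # Key-scheduling algorithm (KSA): permute S under the key.
        s = list(range(256))
        j = 0
        for i in range(256):
            j = (j + s[i] + key[i % len(key)]) & 0xFF
            s[i], s[j] = s[j], s[i]
        self._s = s
        self._i = 0
        self._j = 0

    def keystream(self, n: int) -> bytes:
        # Pseudo-random generation algorithm (PRGA). The (i, j, S) state
        # is stored on the object, so successive calls continue the stream
        # rather than restarting it; this is what "blkcipher" semantics
        # allow and what a per-block "cipher" interface cannot express.
        s, i, j = self._s, self._i, self._j
        out = bytearray(n)
        for k in range(n):
            i = (i + 1) & 0xFF
            j = (j + s[i]) & 0xFF
            s[i], s[j] = s[j], s[i]
            out[k] = s[(s[i] + s[j]) & 0xFF]
        self._i, self._j = i, j
        return bytes(out)

    def crypt(self, data: bytes) -> bytes:
        # Encryption and decryption are the same XOR with the keystream.
        ks = self.keystream(len(data))
        return bytes(a ^ b for a, b in zip(data, ks))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt a whole message with a fresh RC4 instance."""
    return RC4(key).crypt(plaintext)


def encrypt_in_chunks(key: bytes, plaintext: bytes, sizes) -> bytes:
    """Encrypt the same message piecewise; any split must give the same
    ciphertext because the stream state carries over between calls."""
    rc4 = RC4(key)
    out = b""
    pos = 0
    for n in sizes:
        out += rc4.crypt(plaintext[pos:pos + n])
        pos += n
    out += rc4.crypt(plaintext[pos:])  # remainder, if any
    return out


def keystream_is_deterministic(key: bytes, n: int = 32) -> bool:
    """True: the keystream depends only on the key. Two messages encrypted
    under one key therefore share keystream bytes, so RC4 needs a fresh
    key per message; it has no IV slot of its own."""
    return RC4(key).keystream(n) == RC4(key).keystream(n)


if __name__ == "__main__":
    ct = encrypt(b"Key", b"Plaintext")
    print(ct.hex())                                  # bbf316e8d940af0ad3
    print(encrypt_in_chunks(b"Key", b"Plaintext", [2, 3]) == ct)  # True
    print(RC4(b"Key").crypt(ct))                     # b'Plaintext'
    print(keystream_is_deterministic(b"Key"))        # True
```

The three published vectors ("Key"/"Plaintext", "Wiki"/"pedia", "Secret"/"Attack at dawn") confirm the KSA and PRGA are right; the chunk test is the stream-cipher property that makes "cbc(arc4)" meaningless, and the determinism check is the reason the thread worries about how a per-message key is derived.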