IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Arcfour & RC4



Hi,

I went to the IPR WG meeting on Monday and learned lots.  But enough about
me...

The current [TRANS] document references Arcfour as an acceptable
algorithm.  It also references RC4 in a somewhat oblique way as follows:

   The "arcfour" is the Arcfour stream cipher with 128 bit keys.  The
   Arcfour cipher is believed to be compatible with the RC4 cipher
   [SCHNEIER].  Arcfour (and RC4) has problems with weak keys, and
   should be used with caution.

The parts about RC4 sound editorial to me.  I also don't think that the
document should say that there is a "belief" in compatability; they either
are provably compatible, or the document should remain silent on that
point.  As such, I propose to change the text to the following:

   The "arcfour" cipher is the Arcfour stream cipher with 128 bit keys
   [SCHNEIER].  Arcfour has problems with weak keys, and should be used
   with caution.

Please let me know if you disagree with this proposal.

Thanks,
Chris



Home | Main Index | Thread Index | Old Index