Re: [PEN-TEST] RC4

[Caskey <caskey () TECHNOCAGE COM>]

On Nov 28, Chris Deibler quoth:

>     To the best of my knowledge, the availability of the
> encryption/decryption routines does not compromise the standard.  If RC4
> works in a similar manner to PGP, then the task involved to decrypt the
> stream is known: one must successfully factor an obscenely large prime
> number, something that is still lacking a good algorithm in modern
> mathematics.

Sorry to jump in on a tangent but I'm on an inexplicable quest to kill
this meme.  PK encryption does *not* rely upon the difficulty of factoring
large prime numbers.  I'm sure Chris didn't mean to phrase it that way.

For some reason most people (including myself) often use the expression
"one must ... factor ... large prime number[s]" to break public key
encryption when giving quick explanations of PKE but this ends up
confusing people. I really don't understand why we say this but when you
re-read it you realizes you meant to say 'one must factor the _product_ of
two large prime numbers'. All of us can factor arbitrarily long primes in
our head :-).

Not that I'd ever insult someone by comparing them directly to bill gates,
but he did the exact same thing in "The Road Ahead".

Cheers,

C=)

--------------------------------------------------------------------------
If you want to build a ship, don't drum up people together to collect wood
 and don't assign them tasks and work, but rather teach them to long for
     the endless immensity of the sea. -- Antoine de Saint Exupery
--------------------------------------------------------------------------
Caskey <caskey*technocage.com>       ///                   TechnoCage Inc.
--------------------------------------------------------------------------
  It's not an optical illusion, it just looks like one.  -- Phil White