Michael Paul Johnson (mpj@ebible.org)
Mon, 24 Aug 1998 11:41:45 -0600
At 02:36 PM 8/24/98 +0100, Andy Brown wrote:
>Does anyone know the level of security that 3-key RC4-40 (or RC2 for that
matter) would get
>you? The reason I ask is that I'm having to do some development with
MS-CAPI right now
>and outside the USA we only have the weak 40-bit RC4 and RC2 to use.
I suppose that if you have to work with the MS-CAPI, you could build up
longer effective key lengths at the cost of more processing time... but why
not use another crypto library and get a cipher with a longer key in the
first place? The logic in building up 3-key triple RC2 to a 120-bit key is
essentially the same as that of using DES, so I suspect no obvious weakness
in your idea. Building up RC-4 in a similar manner is a little different,
due to the fact that it is a composite stream cipher, but I can't think of
any problem with it (after 30 seconds of intense consideration), as long as
you take the usual precautions for a stream cipher.
Of course, for the above to be true, you would have to encrypt individual
blocks, not files where known plaintext headers may be inserted, which
would defeat the key strengthening. If the MS-CAPI inserts such headers,
then encrypting 3 times would only triple the effort needed to crack the
message, not increase the difficulty of cracking by 2^80. Check what the
CAPI does carefully.
_______
Michael Paul Johnson
http://ebible.org
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:11:01