Re: Arcfour in Ada

[Thomas Boschloo <nospam@multiweb.nl>]

Julian Morrison wrote:
> 
> http://download.sourceforge.net/fling/arcfour-ada-1.0.0.tar.gz
> 
> This code has been created for use with the Fling project
> (http://fling.sourceforge.net/).
> 
> This is ArcFour (Alleged RC4), CipherSaber variant, capable of
> CipherSaber-1 and CipherSaber-2. It is coded in Ada, and is dependent on
> AUnit and Formatted_Output (available via the AdaPower site). It's
> probably pretty GNAT-dependent too, since I've had no need to compile it
> anywhere else. If you want fixes, send patches and/or bug reports via
> Fling's SourceForge patch tracker.
> 
> This code has been placed in the public domain by its author.
> 
> Release notes: first full release, all unit tests pass, but it may be
> implementation dependant.

http://fling.sourceforge.net/wiki/index.php?full=arcfour

Why did you decide to go for arcfour and not the AES
http://www.nist.gov/aes ? AFAIK Arcfour or RC4 was originally a
'security by obscurity' cypher (Arcfour was (now illegal) reverse
engineered from RC4 by www.rsa.com).

I understand that you might like the idea of a stream-cypher for data
transmission, but aren't stream and block cyphers thought to be somewhat
identical in functionality by cryptographers?

Couldn't you just use the 128 bit block size of Rijndael as a (somewhat
small) buffer for your traffic? Be honest, what would be the overhead
from the 128 bit boundaries?

AES seems so much more secure in the long run than RC4!

(note: I am not a cryptographer nor have I every implemented a cypher)

Thomas

(BTW I do sympathize with your cause of an anonymous TCP/IP protocol.
Good luck!)
-- 
Jessica "I'm not bad, I'm just drawn that way"