Full Disclosure mailing list archives
Re: RC4 and Lotus Notes
From: HAYAKAWA Hitoshi <cz () hykw jp>
Date: Tue, 22 Apr 2003 00:57:20 +0900
At Mon, 21 Apr 2003 08:42:21 -0600 (MDT), aliver () xexil com wrote:
While developing something boring using the Lotus C API for Linux. I noticed while using valgrind that functions like NSFNoteDecrypt() and NSFNoteIsSignedOrSealed() are still making use of RC4 encryption with a 256 bit key even when I use "strong" encryption settings in it's lame windows MegaGUI. IIRC, RC4 is known to have some weaknesses in it's key scheduling that have yielded some interesting results (WEP, Winnt, etc..).
Which version are you using international version or USA version? The latter uses more bits for keys. -- HAYAKAWA, Hitoshi cz () hykw jp _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RC4 and Lotus Notes aliver (Apr 21)
- Re: RC4 and Lotus Notes HAYAKAWA Hitoshi (Apr 21)
- Re: RC4 and Lotus Notes Derek Atkins (Apr 21)
- <Possible follow-ups>
- Re: RC4 and Lotus Notes aliver (Apr 21)