Penetration Testing mailing list archives

Re: [PEN-TEST] RC4

From: Robert van der Meulen <rvdm () CISTRON NL>
Date: Wed, 29 Nov 2000 12:47:11 +0100

Quoting Alan Olsen (alan () CLUESERVER ORG):

Interestingly enough, RSA Inc tried to keep RC4 and RC2 as "trade
secrets", only letting you examine them after signing lots of NDAs.  The
source was revealed when someone posted it through a remailer to the
Cypherpunks list and sci.crypt. (They reverse engenered it, probably from
the BSAFE kit.) Sometimes you will see code refered to as "ARC4". This is
RC4 from the publically released code, but under a different name due to
Trademark issues. (RC4 is a trademark of RSA Inc.)

You forget to mention that RSA tried to keep them 'trade secrets' partly
because they _themselves_ found 'flaws' or 'weaknesses'. They did not want
to release it publicly, as it was not secure enough.

Greets,
        Robert
--
|      rvdm () cistron nl - Cistron Internet Services - www.cistron.nl        |
|          php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security             |
|         My statements are mine, and not necessarily cistron's.           |
        "You must have an IQ of at least half a million." -- Popeye

Current thread:

[PEN-TEST] RC4 Jay Mobley (Nov 29)
- Re: [PEN-TEST] RC4 Erick fabrizio (Nov 29)
- Re: [PEN-TEST] RC4 Ryan Russell (Nov 29)
- Re: [PEN-TEST] RC4 Chris Deibler (Nov 29)
- Re: [PEN-TEST] RC4 Alan Olsen (Nov 29)
  - Re: [PEN-TEST] RC4 Robert van der Meulen (Nov 30)
- [PEN-TEST] RC4 Raju Mathur (Nov 29)