Re: Brin on privacy

James Rogers (
Wed, 25 Dec 1996 14:19:00 -0800

At 12:35 AM 12/25/96 +0000, you wrote:
>On Mon, 23 Dec 1996, James Rogers wrote:
>> In the case of
>> RC4, the total number of possible states is 10^1700. If no cycles or
>> patterns are found, then cracking this cypher is much more formidable than
>> the usual off-the-shelf symmetric cyphers like IDEA and DES.
>Of course that's only true if you use a 4800-bit key. A 40-bit key will
>only give you 2^40 (around 10^13) possible outputs even if the theoretical
>maximum is 10^1700.
The actual key for the cypher is 65536-bit (256 bytes). Using a 40-bit key
still generates a 65536-bit keyspace, but it limits the searchable keyspace
to 40-bits. In this sense, you can scale the size of the searchable
keyspace up to the 65536-bit limit. By forcing people to use a specific
keysize, you can very precisely control the complexity of cryptanalysis,
without having an impact on the effectiveness of the algorithm itself. The
scalability of the key is one of features of the algorithm. Most people do
not use the maximum possible key length because RC4 is thought to be
unbreakable at relatively small keysizes (128 bits for example).

-James Rogers