> The actual key for the cypher is 65536-bit (256 bytes).

However, you said that there were only 10^1700 possible states, and
10^1700 ~ 2^5600 (I calculated it wrong last time). Hence using a key of
more than 5600 bits would be pointless. You'd gain no extra security
because the key-generated states would no longer be unique.

> Using a 40-bit key
> still generates a 65536-bit keyspace, but it limits the searchable keyspace
> to 40-bits.

Uh-uh-uh... I don't understand what you mean here. If you use a 40-bit key
then RC4 starts in one of 2^40 possible states, so as long as they are
unique states the total number of possible states is really irrelevant.

> In this sense, you can scale the size of the searchable
> keyspace up to the 65536-bit limit.

Ok, I see what you meant originally. That's true, but RC4 will only be
more secure than IDEA or other algorithms if you use a larger key. As far
as we know it's intrinsically no more secure and may be weaker. The
algorithm has only been publicly known for a couple of years.
Mark
|-----------------------------------------------------------------------|
|Mark Grant M.A., U.L.C. EMAIL: mark@unicorn.com |
|WWW: http://www.c2.org/~mark MAILBOT: bot@unicorn.com |
|-----------------------------------------------------------------------|
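
The exchange above turns on how RC4's key schedule maps a key of any length onto its initial state. As an added example (not code from this thread or its participants), the textbook schedule below shows that a 40-bit key behaves exactly like one particular 256-byte key, and that key bytes past the 256th never reach the state. The sample keys are constructed and expand_key is a hypothetical helper name.

```python
# Added example: textbook RC4. Keys below are constructed sample values.

def rc4_ksa(key: bytes) -> list:
    """Key-scheduling algorithm: returns the 256-entry initial permutation."""
    if not key:
        raise ValueError("RC4 key must be at least one byte")
    s = list(range(256))
    j = 0
    for i in range(256):
        # Exactly 256 key bytes are consumed; a short key simply wraps around.
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s

def rc4_keystream(key: bytes, n: int) -> bytes:
    """First n keystream bytes (PRGA) for the given key."""
    s = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def expand_key(key: bytes) -> bytes:
    """Hypothetical helper: the 256 bytes the schedule really sees for `key`."""
    return bytes(key[i % len(key)] for i in range(256))

K40 = bytes.fromhex("0102030405")          # constructed 40-bit key
K40_FLIPPED = bytes.fromhex("0102030404")  # same key, one bit changed
FULL = expand_key(K40)                     # the equivalent 256-byte key

def compare() -> dict:
    return {
        "short_key_equals_its_256_byte_expansion": rc4_ksa(K40) == rc4_ksa(FULL),
        "bytes_beyond_256_are_ignored": rc4_ksa(FULL + b"ignored") == rc4_ksa(FULL),
        "one_bit_of_key_changes_state": rc4_ksa(K40) != rc4_ksa(K40_FLIPPED),
    }

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name}: {result}")
    print("keystream:", rc4_keystream(K40, 16).hex())
```
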