Fwd: Fedora crypto policy vs the real world Was: available crypto policies

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi  *,

On 05/05/2014 11:02 PM, Pavel Kankovsky wrote:
> (AlFardan et al. describe a different and possibly somewhat more
> efficient
> approach to find the maximum-likelihood choice of a plaintext byte.)
>
> If you capture "just few" connections you do not collect enough
> information to distinguish between the correct value and incorrect
> values, and no amount of computing power will help you (that is unless
> you have got enough to crack the cipher directly)
Added to this is the possibility of "nation-state actions" that may have
found RC4 cryptanalytic attacks the public cryptography community does
not know about. Yes, I do not have sources on that, but it's been
suggested by people that viewed the Snowden leaks a couple of times.

I don't really see a reason to keep RC4 in there. I'm totally for
removing it. But that's just my opinion.

Aaron

--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux