Cryptographers Break Commonly Used RC4 Cipher 90
Posted
by
timothy
from the do-it-one-nanotimes dept.
from the do-it-one-nanotimes dept.
Sparrowvsrevolution writes "At the Fast Software Encryption conference in Singapore earlier this week, University of Illinois at Chicago Professor Dan Bernstein presented a method for breaking TLS and SSL web encryption when it's combined with the popular stream cipher RC4 invented by Ron Rivest in 1987. Bernstein demonstrated that when the same message is encrypted enough times--about a billion--comparing the ciphertext can allow the message to be deciphered. While that sounds impractical, Bernstein argued it can be achieved with a compromised website, a malicious ad or a hijacked router." RC4 may be long in the tooth, but it remains very widely used.
Re:Gmail uses RC4 (Score:4, Insightful)
Yup. RC4 is really fast in software and so can scale really easily without needing any real change in server capacity.
Also, most browsers support Elliptic-Curve Diffie-Hellman key exchange with RC4 which provides perfect forward secrecy with substantially less computing overhead as using the standard DH key exchange protocols.
Hmm. Now to change some settings. Whee.
Re:Arcfour (Score:4, Insightful)
Irrelevant. As long as I only send one copy of the compressed data, it should be safe. A better objection is that it probably would take more CPU to compress the data before sending it over RC4 than it would to just switch to AES with no compression.