Re: Local press writes about the [removed]

From: Ish Sookun <ish_at_lsl.digital>
Date: Tue, 11 Apr 2017 10:11:43 +0400


Hi SM,

On 04/11/2017 01:25 AM, S Moonesamy wrote:
>
> I sometimes read the local tech-related news articles. I asked the
> journalist whether it was about RC4 as the news article did not contain
> the technical details which I was interested in. The patch is described
> as a bandaid as RC4 is no longer recommended and because OpenBSD has
> already switched from RC4 to ChaCha20. I was interested in where the
> patch came from; it was from FreeBSD.
>

On 15 February 2014, during a meetup by the Linux User Group, you did a
presentation on the .mu ccTLD. During that same meetup a former member
of the Linux User Group talked about Ed25519 and ChaCha20. You explained
to the attendees a bit about the work of the Internet Engineering Task
Force (IETF) and I believe several people in the room understood a little
of the nature of your work (e.g. RFC 7479 [1]).

>
> My tweet was a simple question. As I received a reply I provided a link
> in case anyone was interested in RC4. There is an academic paper [1]
> from 2001 about the RC4 security issue. I wondered about whether it was
> worthwhile to provide a temporary patch instead of porting code which is
> already available from OpenBSD. There was also a short discussion on a
> FreeBSD mailing list in March about the issue. I didn't mention all
> that as nobody was interested in a technical discussion [2] of the topic.
>

Knowing the way you throw jokes sometimes, I guessed there was
something particular about RC4 that you were triggering. The bandaid
mention by the FreeBSD contributor was a good hint. The academic paper
is mentioned in the code comments. To be honest, I didn't read the paper
thoroughly.

I however had a look at I. Mironov's paper in which he does mention the
earlier work of S. Fluhrer. I was interested to know why the FreeBSD
patch discarded the first 3072 bytes. I had a better idea of the 3072
value from the conclusion part of the paper. Thank you for the hints.

[1] https://tools.ietf.org/html/rfc7479

-- 
Ish Sookun
I drink coffee and manage Linux servers for lexpress.mu.
Received on Tue Apr 11 2017 - 06:12:00 PST