Simon Josefsson wrote:
I'd rather just declare RC4 as broken and move on, though.
I'd be much happier there too. But Dani declared a valid
use case, and assuming that it "takes off" there is still an
issue.
Jon's "process email" indicated that if an informational
style RFC was written, then that is all that is needed, that
covers all the finickety details that surround the best way
to use this algorithm. It becomes a MAY algorithm, and
everyone is happy.
The numbers issue then appears orthogonal to brokenness.
However, I'm curious whether there is no other fast stream
algorithm that can compete with RC4? RC4 is very old, and
there is a conference (FSE?) devoted to this area, surely
something has popped out in the last decade or so?
iang