spf-discuss

Re: Updates on SRS crypto

2004-02-11 09:39:09
In <C6DDA43B91BFDA49AA2F1E473732113E0A185C@mou1wnexm05.vcorp.ad.vrsn.com>
"Hallam-Baker, Phillip" <pbaker@verisign.com> writes:

> Err, that would not be a good description of the situation. RC4 is
> very fragile, the design in SSL was done by one of the very best
> people in the business. It is very easy to make a blooper with a
> stream cipher and that is why lots of us never use them.

Erh, yeah.  Headspace error on my part.

To use RC4, or any other stream cipher, for SRS, you would need to
have the data to be hashed as part of the "stream key".  Something
like this:

    secret_key = <read from config file>

    # the data to be authenticated goes into the stream key, not the plaintext
    RC4_key = secret_key + timestamp + localpart + domain

    rc4_setup( rc4_state, RC4_key, length of RC4_key )

    # constant block; its contents never change between calls
    buffer = <block of 4-16 bytes of constant data>

    rc4_crypt( rc4_state, buffer, sizeof buffer );

    # take the tail of the buffer, skipping the early (weaker) keystream bytes
    SRS token = <last x bits of the buffer>

The buffer needs to be a certain amount longer than just the number of
bits you need because the first few bytes returned from RC4 are weaker
than the rest.

The buffer can be filled with anything.  Zeros, the secret_key, a
second secret key, whatever.  As long as it doesn't change.



-wayne
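The construction sketched in the post, written out as an added example in Python (not code from the original message or from any SRS implementation). RC4 is implemented inline so the file runs offline; the 16-byte constant buffer, the 32-bit token width and the field order in the key are assumptions of this example.

```python
# Added example: the data to be authenticated (timestamp, localpart, domain)
# is folded into the RC4 *key*; a constant buffer is then encrypted and the
# tail of the result becomes the SRS token.

def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key schedule (KSA) followed by XOR with the keystream (PRGA)."""
    assert 1 <= len(key) <= 256, "RC4 keys are 1..256 bytes"
    s = list(range(256))
    j = 0
    for i in range(256):                      # KSA
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # PRGA, XORed into the data
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


# Assumed constant block: 16 zero bytes (the post allows "zeros, the
# secret_key, a second secret key, whatever", as long as it never changes).
CONSTANT_BUFFER = bytes(16)
TOKEN_BITS = 32  # "last x bits of the buffer"; x = 32 is this example's choice


def srs_token(secret_key: bytes, timestamp: str, localpart: str, domain: str,
              token_bits: int = TOKEN_BITS) -> bytes:
    # Key = secret + the fields being protected, exactly as the post lays out.
    rc4_key = secret_key + timestamp.encode() + localpart.encode() + domain.encode()
    encrypted = rc4_crypt(rc4_key, CONSTANT_BUFFER)
    # Only the tail is used: the leading keystream bytes are the weak ones the
    # post warns about, so the front of the buffer is discarded.
    n_bytes = (token_bits + 7) // 8
    return encrypted[-n_bytes:]


def verify_token(token: bytes, secret_key: bytes, timestamp: str,
                 localpart: str, domain: str) -> bool:
    """What the receiving SRS host does: recompute and compare in constant time."""
    import hmac
    expected = srs_token(secret_key, timestamp, localpart, domain)
    return hmac.compare_digest(token, expected)
```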

