Securing online communications

John Brazier ukcrypto at chiark.greenend.org.uk
Thu, 25 Dec 2008 10:10:57 -0000


Ian stated:

>I thought the practical attacks on RC4 were actually attacks on WEP key
>management and implementation (like Enigma, the cipher is stronger
>than its usage).  But I'd be very happy for someone to talk crypto on
>ukcrypto.  My reading of what I've seen is that with decent length
>keys re-generated for each connection and with the nonce values
>regenerated afresh it would be fine.  I'll pass the time between
>milestones in cooking lunch finding out...

... remembering, of course, to discard the first chunk of output due to
weakness. In the real world and well-implemented I suspect you're right:
it's secure. But with the number of theoretical and practical attacks on
it now I'd probably go for something else!

ATB (and Season's Greetings)

John B