I am an a-level student writing an encryption program using an rc4 implementation I have written myself. I have the basic algorithm coded correctly (and I have checked that some ciphertext for a given key and plaintext matched another online rc4 implementation by a credible source). I have added a drop(n) method that discards n bytes of the keystream (768 by default).
I am aware of rc4's vulnerabilities and understand that it is a lot more effort to patch these flaws than to use a different method of encryption. But in the quest for understanding over security, how would I combine a reused key and a unique initialization vector in a secure way? How would I store the initialization vector for use when decrypting. Finally how strong is a key that is a created by the user?
Aucun commentaire:
Enregistrer un commentaire