by ben_bai 2351 days ago
That's why OpenBSD cut away the start of the RC4 stream (don't remember how many bytes) to make backtracking harder.

But the point is moot because the stream cipher used switched from RC4 to ChaCha20 like 5 years ago. And there is no side-channel attack on ChaCha20, yet.

1 comment

> why OpenBSD cut away the start of the RC4 stream (don't remember how many bytes) to make backtracking harder

Yes, everybody does that. But how many bytes you drop matters; over the years the recommendations have gone from 256 bytes to 512 bytes to 768 bytes to 1536 bytes to 3072 bytes as attacks have gotten better.