

RC4 No More - singold
http://www.rc4nomore.com/

======
beefhash
If I may ask a potentially silly question, does this have any security
implications for RC4-based random number generators (notably, FreeBSD
arc4random[1] and libbsd arc4random[2]; OpenBSD and NetBSD seem to have
replaced their arc4random with a ChaCha-based RNG around 2013)?

[1]
[https://svnweb.freebsd.org/base/release/10.1.0/lib/libc/gen/...](https://svnweb.freebsd.org/base/release/10.1.0/lib/libc/gen/arc4random.c?revision=274417&view=markup)

[2]
[http://cgit.freedesktop.org/libbsd/tree/src/arc4random.c](http://cgit.freedesktop.org/libbsd/tree/src/arc4random.c)

~~~
tedunangst
Yes and no. Practical exploitation depends on how the RNG is being used. The
good news is that, as noted, replacement code is available for those who want
it.
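The "yes" half of that answer can be made concrete with a small measurement. The following is an added example, not code from the linked page or from any of the arc4random implementations cited above: it implements textbook RC4, checks it against a published test vector, and then counts how often the second keystream byte is zero across many random keys. A uniform generator would give 1/256; RC4 gives roughly 2/256 (the Mantin-Shamir second-byte bias), which is the kind of statistical skew that makes raw RC4 output unsuitable as a random number source. The `skip` parameter mimics the drop-initial-output step that arc4random-style generators perform (the exact number of bytes discarded by any particular implementation is not taken from the page and is treated here as an assumption); discarding early output removes this startup bias, but the experiment says nothing about the long-term keystream biases used by the RC4 NOMORE attack, which is why replacement with a ChaCha-based generator is the recommended fix rather than a larger skip.

```python
"""Measure the RC4 second-byte keystream bias (added example, not from the linked page)."""
import random


def rc4_keystream(key: bytes, length: int, skip: int = 0) -> bytes:
    """Return `length` RC4 keystream bytes after discarding the first `skip` bytes."""
    # Key-scheduling algorithm (KSA): permute S using the key.
    S = list(range(256))
    j = 0
    klen = len(key)
    for i in range(256):
        j = (j + S[i] + key[i % klen]) & 0xFF
        S[i], S[j] = S[j], S[i]
    # Pseudo-random generation algorithm (PRGA): walk the permutation.
    out = bytearray()
    i = j = 0
    for n in range(skip + length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        if n >= skip:  # only keep output past the discarded prefix
            out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def rc4_encrypt(key: bytes, data: bytes) -> bytes:
    """XOR data with the keystream; used only to check against a known test vector."""
    ks = rc4_keystream(key, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def second_byte_zero_ratio(n_keys: int, skip: int = 0, seed: int = 1) -> float:
    """Observed / expected frequency of a zero in the 2nd keystream byte.

    Keys are 16 constructed random bytes from a seeded generator so the
    experiment is reproducible. A bias-free generator would return ~1.0;
    unskipped RC4 returns ~2.0.
    """
    rng = random.Random(seed)
    zeros = 0
    for _ in range(n_keys):
        key = bytes(rng.getrandbits(8) for _ in range(16))
        if rc4_keystream(key, 2, skip)[1] == 0:
            zeros += 1
    expected = n_keys / 256
    return zeros / expected


if __name__ == "__main__":
    # Published RC4 test vector: key "Key", plaintext "Plaintext".
    assert rc4_encrypt(b"Key", b"Plaintext").hex() == "bbf316e8d940af0ad3"
    print("raw RC4, 2nd byte zero ratio:   ", round(second_byte_zero_ratio(20000), 2))
    print("skip 512 bytes, 2nd byte ratio: ", round(second_byte_zero_ratio(4000, skip=512), 2))
```

Running it prints a ratio near 2.0 for raw RC4 and near 1.0 once an initial chunk of keystream is discarded. The distinction matters for the question above: an application that exposes early RC4 output directly (session tokens, nonces, padding) is measurably non-uniform, whereas one that discards a prefix has only removed the startup biases, not the positional and digraph biases that persist throughout the keystream.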

------
SerpentJoe
The page makes use of numeric expressions like 9x2^27. What's with the choice
of exponent? Why not e.g. 1.125x2^30?

~~~
Sanddancer
It's fairly normal in crypto papers to express vulnerabilities and potential
vulnerabilities in base two, as so many other bits of crypto, like key sizes,
etc, are also expressed in that base.

~~~
Freaky
He's questioning normalisation, not base. "Just over 2^30" is a bit more
intuitive than "Just under ten times 2^27".

------
sctb
Previous discussion:
[https://news.ycombinator.com/item?id=9892157](https://news.ycombinator.com/item?id=9892157)

