>Hi Jos,
>
>>>>Finally, your needs depend on performance considerations. Secure encryption tends to be slower than less secure encryption.
>>>
>>>The RC4 encryption algorithm is extremely fast and is considered safe.
>
>>Hi Walter. Not so safe any more - see http://www.answers.com/topic/rc4 for a nice overview. But I suppose it all depends on how much security one really needs.
>
>Interesting, yes, I think it really depends on how much security one needs. Breaking the algorithm still seems very difficult, though there are some strategies thay could help you breaking the key. I think the general conclusion is that RC4 shows some weaknesses that possibly could lead to breaking the key. AFAICS, it all still is rather theorectical rather than it really has been done. You probably need a lot of computer power , a lot of time and a brilliant mind to do it in practise (at least on strong and larger keys). I don't think anyone would bother to analyze my WEB base wireless security this way. The game of course would be different is the encoded stream was comming from the whitehouse or the pentagon.
>

Hi Walter, funny you should mention your wireless security ... do a Google search on the phrase "unsafe at any key size" and you get lots of links to security issues with RC4. It can be brute forced.


>There are quite a few variants of RC4 with their own characteristics, maybe RC4 is going to evolve into something even more secure in the end.

Why does it need to evolve? I dont think it needs to with newer crypto like AES and others.

But again, like we said, the question is what you want to protect and from whom. RC4 is probably fine for most general purposes and to protect against most general adversaries.