From afb7f48344a8646d87b0998d53a856a90a16f425 Mon Sep 17 00:00:00 2001 From: Loganaden Velvindron Date: Sun, 27 Oct 2024 20:30:44 +0400 Subject: [PATCH] arc4: drop 4096 bytes of the early keystream (#1586) It might be safer to drop 4096 bytes to be on the safe side. See: twitter.com/nugxperience/status/1773906926503591970 --- arc4random.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arc4random.c b/arc4random.c index 21a12755..10f3c586 100644 --- a/arc4random.c +++ b/arc4random.c @@ -374,9 +374,9 @@ arc4_stir(void) * belief that "words" in the Fluhrer/Mantin/Shamir paper refers * to processor words. * - * We add another sect to the cargo cult, and choose 12*256. + * We add another sect to the cargo cult, and choose 16*256. */ - for (i = 0; i < 12*256; i++) + for (i = 0; i < 16*256; i++) (void)arc4_getbyte(); rekey_fuzz = arc4_getword();
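Review bot: the discard count is a magic number written twice in this hunk (once in the comment, once in the loop bound), and the only justification given is "It might be safer" plus a link to a tweet, which future readers of the code cannot follow from the comment itself. Rather than bumping `12*256` to `16*256` in two places and leaving the "cargo cult" wording in place, factor the count into a named constant (e.g. a hypothetical `#define ARC4_DROP_BYTES (16*256)`, name is a suggestion) used by the loop, and record the actual reason for the new value in the code comment and the commit message, since the FMS reference already in the comment argues about words rather than a specific byte count. Note also that dropping more initial keystream only addresses biases in the early keystream; if the underlying concern is the quality of RC4 output in general, the commit message should say so, because a larger drop does not change the generator that `arc4_getbyte()` and `arc4_getword()` (used for `rekey_fuzz` right after the loop) draw from.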