I saw a question on StackOverflow where RC4 was initialized by a 1024 bit key (with 2048 the maximum key size, if I'm not mistaken).
Will such a large key size possibly solve any of the bias of the initial bits of the key stream produced by RC4? Does it increase security any other way - other than brute force?
Is there any reason for keys larger than 256 bits for a combined key + IV?
Will such a large key size possibly solve any of the bias of the initial bits of the key stream produced by RC4?
There is a bias in the RC4 output at small multiples of the key size; hence a 16 byte key will have biases at offsets 16, 32, 48, etc (with the bias rapidly growing smaller as the offset grows). This bias happens less often with larger key sizes.
Other than that specific bias, no, increasing the key size doesn't help.
Is there any reason for keys larger than 256 bits
Actually, I'm not sure if there's any reason to use RC4 at all...
