Daniel Kahn Gillmor dkg@fifthhorseman.net writes:
A problem is that the key setup of ARCFOUR is quite weak, you should never use keys with structure, keys that are ordinary passwords, or sequences of keys like ``secret:1'', ``secret:2'', ...
The problem with arcfour is not that some particular keys are unexpectedly weak, but that the key bits are not spread out very well into the internal state (sorry if this description is a bit vague; my understanding is also a bit vague...).
So there's unexpectedly high correlation between the first bytes of the key and the first bytes of the generated key stream, and I think there's also undesired correlation between key streams for close keys.
I think the recommendations in the manual (hash the key first, and discard the initial bytes of the key stream) are still adequate.
Regards, /Niels