[rc5] Some Deep questions
ted99 at ibm.net
Mon Aug 18 13:23:49 EDT 1997
On 08/18/97 Ivo Janssen <ivo at ricardis.tudelft.nl> said:
>OK, so RSA is nice to us. We know the exact beginning of the
>plaintext. But what if real encrypters are not so nice, and do, as said, a
>simple ASCII+1, or even another rc5. Double RC5. To brute force crack that
>one, you have 2^112 possibilities. Even if we speed up our computers with
>a factor 2^56, it would still take a year or so.
Now you *are* rehashing a discussion we had here ~2 months ago. We are not
addressing the STO (security through obscurity) ways of strenthening
encryption, like doing weird things to the plaintext or stacking
algorithms. The problem is that these ways of hiding things are secure but
not standard. An RC5 encrypted message can be decrypted by anyone who knows
the password. An RC5+1 or Double-RC5 cannot, because it is actually a new
If you are on your own, you can do whatever you like with your data,
including RC5-1024, Mega-DES, etc. Noone will know what you are actually
doing to your data, thus noone will be able to crack it with ease (STO).
However, as soon as you tell your friends that they should do x with the
decrypted data, the obscurity is gone. We are working on the planet-wide
scope with algorithms that are standartized and known by everyone and our
purpose is to show the security level of these algorithms.
BTW, the idea of changing the plaintext before encryption isn't new. PGP
simply zips it. Although it does not prevent brute-force attacks (because
everybody knows data is zipped), it prevents cryptanalisys and makes the
message shorter. If you are looking for an absolutely secure algorithm,
check out One Time Pad.
/** Christ Is Risen ! *** __+__ ****** Fedor "Ted" Kouranov *****/
/* Xristos Voskrese ! ** \| ** ted99 at ibm.net * fedor at bu.edu **/
/** Xristos Anesti ! **** |\ ** http://enz.siobc.ras.ru/~fedor */
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.
More information about the rc5