[rc5] key security question

Tristan Horn tristan at ethereal.net
Thu Jun 5 14:20:51 EDT 1997

On Thu, 5 Jun 1997, Fedor Kouranov wrote:
> >  - Do the bits just add up (i.e. the resulting ciphertext will be 
> >    like it was encrypted using a single 112 byte key)?
> Think keyspace: for each first key you have to search all the 2^56 second
> keys. This makes 2^112 combinations, IOW a 112-bit key. This presumes that
> using double keys does not weaken encryption (as in previous paragraph).
> >  - Do the keys multiply (i.e. the result would be like it was encrypted
> >    using a 56^2 bit key)?
> >  - Will the keys power each other (56^56 bit protection)?
> No, that's too much, especially the last one ;-) Nobody will have to search
> a bigger keyspace than was originally. Remember that the relationship
> between key length and keyspace size is exponential (keyspace =
> 2^keylength).
> And, anyway, you don't need all this stuff because you can simply have 128
> bit RC5 which will give you the protection you wanted.

Don't forget that we have an advantage over any effort to crack a real key
(i.e. non-contest).  We know the first part of the plaintext, "The unknown
message is: ".

A real effort would check that all of the first 8 bytes (or more) of the
decrypted plaintext was 7 bit ASCII... we just check that it matches "The

That's why double-encryption can be more secure than a larger key.
There's no way to tell when you've found the correct key, if it all
appears to be random 8-bit data... would that mean 56^56 protection?

Are there any laws controlling export of such double-encryption software?


To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.

More information about the rc5 mailing list