[rc5] key security question

Sean Reifschneider jafo at tummy.com
Thu Jun 5 21:41:14 EDT 1997


On Thu, Jun 05, 1997 at 07:23:17PM -0500, Henry W Miller wrote:
>RC5-56+RC5-56 is a 112 bit encryption, not 57.  you are encrypting a

Let's talk some more reasonable numbers here.  What if we were saying
RC5-8+RC5-8?  Saying that it's 16-bit encryption is VERY incorrect.
If you encrypt twice with RC5-8, worst case you would have to BREAK
the code twice.  Breaking it once would take searching 256 keys.
Breaking it twice would take (worst case) 256+256 key searches (512).
This is a *LONG* way off 65K key searches that would be required with
RC5-16.

RC5-56+RC5-56 is *WORST CASE* a 57-bit encryption.  However, what if
the dual encryption is just effectively giving you a different key
within the RC5-56 keyspace?  Best case, RC5-56+RC5-56 is as hard to
break as RC5-56.  The true number probably lies somwhere between those
two values.  It's definitely beyond my understanding of RC5 and the
math involved to say where, but I'd be very skepticle of anyone
who's claiming that it gives over 57-bits of protection.

3DES does not give 3x the protection of DES -- from what I recall it's
something more like 1.3x the protection from what I recall.

Apparently, some of the members of the IPV6 task-force fell into the
same trap as well.  There were people there who couldn't fathom that
a 64-bit key-space would be anything more than twice the number of
addresses we currently have.  In actuality, it's 4-billion times what
IPV4 uses.  So now we have a standard that will allow us to address
every square angstrom on the earth.  I believe somone said that
256-bits is enough to uniquely identify every atom which makes up
the earth...  We're talking REAL big numbers here.

Enjoy,
Sean
-- 
 "I can sum it up in one word:  Indescribable!"  -- Gonzo
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
URL: <http://www.tummy.com/xvscan> HP-UX/Linux/FreeBSD/BSDOS scanning software.
----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list