[rc5] key security question
ted99 at ibm.net
Fri Jun 6 03:09:47 EDT 1997
On 06/05/97 Sean Reifschneider <jafo at tummy.com> said:
>Let's talk some more reasonable numbers here. What if we were saying
>RC5-8+RC5-8? Saying that it's 16-bit encryption is VERY incorrect. If you
>encrypt twice with RC5-8, worst case you would have to BREAK the code
>twice. Breaking it once would take searching 256 keys. Breaking it twice
>would take (worst case) 256+256 key searches (512). This is a *LONG* way
>off 65K key searches that would be required with RC5-16.
What do you mean by BREAKing? If it's brute-force, then you'll have to walk
through the keyspace and compare each key's result to some plaintext. If
you have plaintext->RC5->RC5->cryptotext, then it will be equally hard to
break each RC5 half, but the text in the middle will not be available until
you break BOTH (presuming cryptotext appears random). Let's stick to the
smaller example (there is solitude in small numbers). You need to find two
8-bit keys so that plaintext encrypted with the first and cryptotext
decrypted with the second give you the same semi-cryptotext. That is, you
have to compare two sets of 256 samples, which takes 256*256 comparisons.
This is the wrong way of searching a keyspace within each key from another
>RC5-56+RC5-56 is *WORST CASE* a 57-bit encryption. However, what if the
>dual encryption is just effectively giving you a different key within the
>RC5-56 keyspace? Best case, RC5-56+RC5-56 is as hard to break as RC5-56.
If you shuffle too much, the cards will return to their original places?
Well, this might happen unless we can quote on a cryptographer that it
can't. If you prepend the text with random data, then it will not be as
easy (however, you can escape it by checking a piece that is further down
>now we have a standard that will allow us to address every square angstrom
>on the earth. I believe somone said that 256-bits is enough to uniquely
They've designed it for the space age. ;-)
/** Christ is risen ! *** __+__ ****** Fedor "Ted" Kouranov *****/
/* Xristos voskrese ! ** \| ** ted99 at ibm.net * fedor at bu.edu **/
/** Xristos anesti ! **** |\ ** http://enz.siobc.ras.ru/~fedor */
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.
More information about the rc5