[rc5] Checking for 64 bit RC5 on the fly?

Fedor Kouranov ted99 at ibm.net
Mon Jun 23 20:42:38 EDT 1997


On 06/23/97 Bob Krzaczek <rskpci at cis.rit.edu> said:

>Don't be so hasty... in certain circumstances, encrypting via RC5 with a
>56 bit key *is* the same as encrypting with a 64 bit key, provided the
>other RC5 parameters (word size and number of rounds) are unchanged.  The
>resulting expanded key table would be the same. 

OK, I admit I was hasty. If your reasoning is correct, we won't need to
alter the clients at all: we'll only have to check the 64-bit problem with
the 'false alarm' keys padded with a null byte... It will make up 1/256 of
the 64-bit keyspace, not too bad.

Actually, Bob seems to have discovered a moderate weakness in RC5. Poor
Rivest.

 /** Christ Is Risen ! *** __+__ ******  Fedor "Ted" Kouranov  *****/
 /* Xristos Voskrese ! **   \|    ** ted99 at ibm.net * fedor at bu.edu **/
 /** Xristos Anesti ! ****   |\  ** http://enz.siobc.ras.ru/~fedor */
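
The null-byte padding discussed in this message can be checked directly against the RC5 key schedule. The following is an added example, not part of the original post; it assumes RC5-32/12 and a constructed sample key, and the function names are illustrative.

```python
# Added illustration (not from the original post): RC5-32 key expansion and
# block encryption following Rivest's published algorithm.
W, R = 32, 12                  # word size in bits; 12 rounds is an assumption
U = W // 8                     # bytes per word
MASK = (1 << W) - 1
P32, Q32 = 0xB7E15163, 0x9E3779B9   # RC5 magic constants for w = 32

def rotl(x, n):
    n %= W
    return ((x << n) | (x >> (W - n))) & MASK

def expand_key(key: bytes, rounds: int = R) -> list:
    """Return the expanded key table S for a key of len(key) bytes."""
    b = len(key)
    c = max(1, -(-b // U))     # words in L: ceil(b / U)
    L = [0] * c                # zero-filled, so a short last word is null-padded
    for i in range(b - 1, -1, -1):
        L[i // U] = ((L[i // U] << 8) + key[i]) & MASK
    t = 2 * (rounds + 1)
    S = [(P32 + i * Q32) & MASK for i in range(t)]
    A = B = i = j = 0
    for _ in range(3 * max(t, c)):
        A = S[i] = rotl((S[i] + A + B) & MASK, 3)
        B = L[j] = rotl((L[j] + A + B) & MASK, A + B)
        i, j = (i + 1) % t, (j + 1) % c
    return S

def encrypt_block(S, a, b, rounds: int = R):
    """Encrypt one two-word block (a, b) with expanded table S."""
    a, b = (a + S[0]) & MASK, (b + S[1]) & MASK
    for k in range(1, rounds + 1):
        a = (rotl(a ^ b, b) + S[2 * k]) & MASK
        b = (rotl(b ^ a, a) + S[2 * k + 1]) & MASK
    return a, b

def tables_match(key: bytes, pad: int = 1) -> bool:
    """True if key and key + pad null bytes expand to the same table."""
    return expand_key(key) == expand_key(key + b"\x00" * pad)

KEY56 = bytes.fromhex("0123456789abcd")   # constructed 7-byte (56-bit) sample key

if __name__ == "__main__":
    # 7 and 8 bytes both fill two words of L; 8 and 9 bytes do not.
    print("56-bit vs 56-bit + 0x00:", tables_match(KEY56))
    print("64-bit vs 64-bit + 0x00:", tables_match(KEY56 + b"\x01"))
```

The tables coincide only while the padded key occupies the same number of words in `L`; padding an 8-byte key to 9 bytes adds a third word and changes the mixing order.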
