[rc5] Checking for 64 bit RC5 on the fly?

Evan Jeffrey ejeffrey at eliot213.wuh.wustl.edu
Wed Jun 25 21:10:20 EDT 1997

>On 06/25/97 Marc Briceno <marc at c2.net> said:
>>I strongly support getting a start on the 64 key ASAP. [Frankly, I believe
>>the 56 bit RC5 crack to be a waste of time. But it seems that this one has
>>to be cleared before the next interesting target will be addressed: a 64
>>bit key.]
>To those who didn't get it: there is NO need to start a separate search on
>64-bit keyspace. To use 56-bit result on the 64-bit search we only need to
>1) completely exhaust 56-bit keyspace (we'll call it 'switching to 64-bits
>on-the-fly'), 2) check 'false alarms' from the 56-bit search on the 64-bit
>search (done by servers) and 3) modify the 64-bit clients to avoid keys
>that end in null byte.

I mistakenly claimed this earlier.  I have since discovered that it is not
true: though the first few blocks of both challenges are the same text, they
have different IVs (inital values), thus there is no way to get around doing
an extra crypt.  We still could save quite a bit of time by not having to
regenerate key tables.  I do not know if this is a worthwhile use of CPU
time, however.  I tend to doubt it. 

Evan Jeffrey
erjeffre at artsci.wustl.edu

Let us go.  Let us leave this festering hell hole.  Let us think the
unthinkable, let us do the undoable.  Let us prepare to grapple with the
ineffable itself, and see if we may not eff it after all.
                                                --Dirk Gently
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.

More information about the rc5 mailing list