[RC5] d.net progress

Joe Sunday void at null.net
Fri Nov 21 14:10:58 EST 1997

Keith Jones wrote:

> gindrup at okway.okstate.edu wrote:
> >      But, remember, a *real* effort would use the information that the
> >      first several bytes of the decrypted message are "The unknown message
> >      is: ", the next byte is capitalized ASCII and all the remaining bytes
> >      are printable ASCII characters followed by some (possibly empty)
> >      sequence of NULLs (padding).
> >      We aren't even remotely using all this information.  We're attacking
> >      by pure brute-force.
> I was under the impression that we *were* using this information.  I certainly was
> when I whipped together an RC5-40 cracker a couple of weeks ago (which was woefully
> inadequate to the task, if you must know ... one PPro 200 just doesn't cut it for
> breaking RC5-40 though my program was not as optimized as it could be).
> My impression is that the RSA contest is a known plaintext, known ciphertext
> attack.
> Keith W. Jones -- keith at streamdata.com

I believe he meant that instead of a brute force attack like we're doing (Try every key
till one fits), you would attempt to exploit any weaknesses in the algorithim to crack
it faster. The only thing we use is the first 8 bytes of the message (Only the header
is known, the sentance isn't.) to check whether a certian key decrypts to a plaintext
message or garbage.


To unsubcribe, send 'unsubscribe rc5' to majordomo at llamas.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list