One Time Pad (was: Re: [rc5] The DOS client appears at last!)

Robert N. Waybright neilw1 at home.com
Mon Oct 27 23:35:50 EST 1997


Were brute force the only method of attacking these, that would be correct, 
but it is not.  There was quite an exchange about the susceptibility of 
both RC4 and RC5 to analytic attacks a few months ago on some of the 
security lists.  Much of the debate was deeper than I understood, but the 
authors of both of the algorithms (and others) have published papers 
demonstrating that there are more effective attacks against their algorithm 
than simple brute force given certain circumstances.  I wish I had saved 
the references, but I didn't. If I remember correctly, both were 
susceptible to different forms of differential attacks, and perhaps others. 
 There are also attacks against parts of the algorithms.  If you are a 
"Wired" reader, you may have noted a little over a year ago during their 
coverage of the Crypto conference, they covered an interesting public 
exchange between Phil Zimmermann and the recently retired chief scientist 
for the NSA.  He asked Phil how long it would take them (NSA) to break PGP 
(not if they could).  By the end of the conversation it was clear it is a 
lot less time than anyone had previously suspected (and they were talking 
about 1024 bit).  Security is a relative thing.
Neil
PS - I hit one of the news archives and tried searching differential 
cryptanalysis and waded through thousands of hits trying to find precisely 
what I was looking for.  Just too much out there....

----------
From: 	Joseph Fisk[SMTP:joe at rm405n-a.roberts.fit.edu]
Sent: 	Monday, October 27, 1997 11:57 AM
To: 	'rc5 at llamas.net'
Subject: 	RE: One Time Pad (was:  Re: [rc5] The DOS client appears at 
last!)

> Stream ciphers were developed as an approximation to the action of the
> one-time pad, and while contemporary stream ciphers are unable to
> provide the satisfying theoretical security of the one-time pad, they
> are at least practical.

Considering the computation power it will take to break a single 64bit RC5
message, I think that, say, 128 bit is more than enough for security.  Or
2048 bit.


