[RC5] Cracking 40 bits in realtime

Roy Wilson emperor at slic.com
Fri Jan 2 08:59:06 EST 1998

On Fri, 2 Jan 98 05:18:18 -0800, Dan Ports wrote:

> don't agree at all with the idea of cracking 40-bit encrypted files
>on demand, because it could very easily be used for the uses that we
>want to avoid by encouraging longer key lengths; however, this brings
>up an interesting question. If we don't know what the plaintext is,
>how can we determine if we have successfully decrypted the message?
>Whereas we know in the DES and RC5 challenges that the plaintext will
>begin with "The unknown message is:", if we were cracking a real message,
>we probably wouldn't already know the plaintext or a part of it.
>Wouldn't this mean that, even if we could test every possible key, we
>wouldn't know which one is correct? If this is the case, how could a
>brute-force attack like this be applied to an unknown plaintext?

	With the credit card task, you'd look for identifiers
that have to be in it.  Card name, pattern of digits, etc.

	With random messages, you'd use a word frequency table. 
Look for the most often occurring words, "the", "and" "by", etc.

	But both are getting into interpretive methods, not
simply brute force.

Roy Wilson <emperor at slic.com>
Lat: 44.850959 Lon: -74.40286 [+/- 6']

To unsubcribe, send 'unsubscribe rc5' to majordomo at llamas.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list