[RC5] Cracking 40 bits in realtime

Christopher Lyons clyons at concentric.net
Fri Jan 2 14:35:40 EST 1998

On Fri, 2 Jan 98 05:18:18 -0800, Dan Ports <danz at lanminds.com> wrote:
>I don't agree at all with the idea of cracking 40-bit encrypted files
>on demand, because it could very easily be used for the uses that we
>want to avoid by encouraging longer key lengths; however, this brings
>up an interesting question. If we don't know what the plaintext is,
>how can we determine if we have successfully decrypted the message?
>Whereas we know in the DES and RC5 challenges that the plaintext will
>begin with "The unknown message is:", if we were cracking a real message,
>we probably wouldn't already know the plaintext or a part of it.
>Wouldn't this mean that, even if we could test every possible key, we
>wouldn't know which one is correct? If this is the case, how could a
>brute-force attack like this be applied to an unknown plaintext?

After attempting to decrypt the message, perhaps there could be an
algorithim to check for dictionary words, long strings of numbers,
etc.  The higher the score, the more probable the decryption is to be
accurate.  The top scoring message (or messages) could be sent to the
person who submitted it.

And no, I'm not really suggesting we do this.  Just a little mental
exercise. :)
Christopher M. Lyons  Clyons at concentric.net

PGP Public Key avaiable from my homepage.
To unsubcribe, send 'unsubscribe rc5' to majordomo at llamas.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list