[RC5] Cracking 40 bits in realtime

Matt Perry matt at primefactor.com
Wed Jan 7 21:59:29 EST 1998


On Wed, 7 Jan 1998, Roy Wilson wrote:

> On Wed, 7 Jan 1998 18:46:54 -0500, Greg Wooledge wrote:
> 
> >Roy Wilson (emperor at slic.com) wrote:
> >
> >This doesn't address the ethical/legal issue which has been raised.
> >Yes, we may start out with harmless "Visa-like" coded messages, but
> >the problem is that someone may introduce a real Visa coded message
> >into the machine.
> 
> 	True, to some extent.  But any client we coded for our
> own challenge would have our *known* plaintext dozen or so
> characters in it.  You'd need a hell of a lot more than a simple
> matching brute-force client to bust a VISA packet you grabbed
> from somewhere.

	Exactly.  Whoever submits a message for decryption must know the
unencrypted message.  If someone where to submit an arbitrary packet, how
are we to know when we have found the correct key?  We would have to have
something for the client to check against, much like the RC5 clients
currently looking for "The unknown message is" which is the beginning of
all of the encoded messages.

	Likewise, who ever submits something to be broken is going to have
to supply something to check against.  This can't be done without knowing
something about the message inside.  Also, if someone were to try and pick
up an arbitrary packet and submit it for unencryption, how can they be
sure that it's not binary? 

   /// .\\att...

--
To unsubcribe, send 'unsubscribe rc5' to majordomo at llamas.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list