[RC5] Cracking 40 bits in realtime

gindrup at okway.okstate.edu gindrup at okway.okstate.edu
Thu Jan 8 14:08:25 EST 1998

     Anyone making a serious attack on a message already _does_ know 
     something about what it contains.  If they didn't have any 
     information, they'd just give up.  Further, they probably know how the 
     ciphertext was prepared, so they can look for internal headers that 
     likely have a very simple form (length fields would be the easiest to 
     check quickly).  The point is that if a message contains data that is 
     desirable, then that data is probably formatted.  If that data is 
     formatted, the formatting can be used to detect a successful 
     For instance, PGP compresses (or at least would prefer to do so) 
     before encryption.  All you have to do then is look for the 
     compression header, most of which would interpret as nonsense.
     I'm also sending a copy of this to the list, by hand, because this 
     appears to be a topic of some interest to the process of distributed 
            -- Eric Gindrup ! gindrup at Okway.okstate.edu

______________________________ Reply Separator _________________________________
Subject: Re: [RC5] Cracking 40 bits in realtime 
Author:  "Christopher Hodson (Consultant)" <cmh at fpk.hp.com>  at SMTP
Date:    1998/01/08 14:11

Which bring us back to our original mission.  What does it prove?  It 
only proves that if we KNOW the beginning of the message that we can 
decrypt the rest.  It really seems silly to say that "40-bit DES can be 
broken in x days," since this requires prior knowledge of the message. 
If RSA REALLY wanted to show how weak 40-bits(rc5 or DES) they wouldn't 
give us any of the plaintext.  But they don't, they want us to think its 
really weak, so we use their product.  You've got to remember, there 
must be a reason RSA is willing to give out $10k at a pop.  They think 
it will make them money in the long run.
BTW, I do think 40 bits is not enough, but not enough to cry "The sky is 
Christopher M. Hodson

To unsubcribe, send 'unsubscribe rc5' to majordomo at llamas.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list