[RC5] How do we know???

Greg Wooledge wooledge at kellnet.com
Wed Jan 28 20:50:20 EST 1998

Phil Gregory (pgreg430 at neors.cat.cc.md.us) wrote:

> This is in the FAQ, I believe.  The client notes when the first string of 
> bytes matches the known string ("The unknown message is:").

Actually, the client only decrypts 8 bytes, and compares these bytes
to the string "The unkn".  Thus, the possibility of a false positive is
substantially higher than it would be if the client decrypted 24 bytes
(including the trailing space which you omitted).  Of course, it takes
less time to decrypt 8 bytes than to decrypt 24 bytes, so the clients
run faster by doing the minimum amount of work required.

The odds of a false positive are 1 in 256^8 (=2^64), since each of the
first 8 bytes in the decrypted string has 256 possible values.

I've heard that during the RC5 contests, distributed.net sent out some
blocks which cause the client to report a possible match, just to make
sure everything is working.  I don't know whether this is true for DES
as well.

To unsubcribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list