[RC5] InfiniteMonkeys Was Running With Bad Code?

V. Alex Brennen alexb at ufl.edu
Tue Mar 10 11:16:04 EST 1998


For anyone else who is working on their own attack, clients
or hardware:

  I was working on porting the IM code into RC564 clients
and I found this mistake in their code:

#ifdef DEBUG
  const unsigned RC5WORD C0 = 0x561bde39;
  const unsigned RC5WORD C1 = 0x255c1d3f;
#else
  const unsigned RC5WORD C0 = 0xa74ed382;
  const unsigned RC5WORD C1 = 0x255c1d3f;
[...]
   X = base;
   Y = keys;
[...]
   if (X == C0)
   {
     Y = ROTL(Y ^ X, X) + Z;
     if (Y == C1)
       break;
   }

RC556 CypherText From The RSA Secret Key HomePage:
             82 d3 4e a7 b3 24 86 0b c6 d8 61 5c e9 f9 e4 79
             88 5c 98 f1 d2 92 4c 59 ee 47 51 31 01 3e a8 ab
             d6 f0 4d c8 19 97 af 01 5e af f8 3f cd 61 b3 c2
             66 89 7c 82 09 87 4d fb 07 f2 56 03 8d d5 1b 01
             ca e3 41 c2 8d d7 18 1d
---
  Had they been a little more careful d.net might not be as
it is today.  Just goes to show source release is a good
thing.

  - Alejandro
    El Manwa Mono Loco
---
V. Alex Brennen  [alexb at ufl.edu]
Web Applications Programmer
Pediatric Oncology Group
[http://www.pog.ufl.edu/]
Statistical Office
University Of Florida
352.392.5198 x303
352.392.8162 Fax
--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest
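
Added example, not part of the original post or of the InfiniteMonkeys source: a self-check that derives the two 32-bit comparison words from the first eight ciphertext bytes quoted above and compares them with the non-DEBUG C0/C1 from the quoted code. It assumes C0 and C1 are meant to hold the first ciphertext block read as little-endian words (RC5's byte order); the helper names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* First ciphertext block, copied from the bytes quoted in the post. */
static const uint8_t first_block[8] = {
    0x82, 0xd3, 0x4e, 0xa7, 0xb3, 0x24, 0x86, 0x0b
};

/* Non-DEBUG constants exactly as they appear in the quoted code. */
#define QUOTED_C0 0xa74ed382u
#define QUOTED_C1 0x255c1d3fu

/* RC5 loads bytes into words least-significant byte first. */
static uint32_t load_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Split one 64-bit block into the two words a search loop compares. */
static void block_to_words(const uint8_t block[8], uint32_t *w0, uint32_t *w1)
{
    *w0 = load_le32(block);
    *w1 = load_le32(block + 4);
}

/* Bitmask result: bit 0 set if c0 mismatches, bit 1 set if c1 mismatches. */
static int check_targets(const uint8_t block[8], uint32_t c0, uint32_t c1)
{
    uint32_t w0, w1;
    block_to_words(block, &w0, &w1);
    return (w0 != c0 ? 1 : 0) | (w1 != c1 ? 2 : 0);
}

int main(void)
{
    uint32_t w0, w1;
    block_to_words(first_block, &w0, &w1);
    printf("derived C0=0x%08x C1=0x%08x\n", (unsigned)w0, (unsigned)w1);
    printf("quoted  C0=0x%08x C1=0x%08x\n", QUOTED_C0, QUOTED_C1);
    printf("mismatch mask: %d\n",
           check_targets(first_block, QUOTED_C0, QUOTED_C1));
    return 0;
}
```

Running a check like this at client start-up, or as a build-time test, catches a target constant that was copied from the wrong place before any keyspace is searched against it.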


