[RC5] ultimateprivacy.com USD $1,000,000 compo

Pete Krawczyk pkrawczy at uiuc.edu
Mon Sep 7 04:17:29 EDT 1998

At 11:42 AM 9/6/98 +0300, Antti A Luostarinen wrote:
>Any use for distributed.net to go for the www.ultimateprivacy.com's
>million dollar offering to crack a certain message?

Two valid reasons why we can't:

1.  Using the method they describe, and not having anything but the original
message, you might as well just make something up and submit it.

The method described is to take plaintext x, XOR it with key y of the same
length, and send the resulting message (x XOR y) to the recipient, who then
does another XOR on the text with the same key y, to get the original
plaintext x back.  They implement this by having you send your key,
encrypted with Blowfish, to the other person before the encrypted message.
The key y is a one time key.

The contest page contains only the resulting plaintext (x XOR y).  So in
order to crack this message, we would also need the key y as encrypted and
sent to the recipient.  Which really equates to cracking Blowfish.

2.  Their challenge is over, as of about 3 weeks ago.

-Pete K
Pete Krawczyk  pkrawczy at uiuc dot edu -or- petek at mc dot net
 http://www.uiuc.edu/ph/www/pkrawczy  Finger for PGP public key
If you attempt to mail me at pkrawczy at mc.net, I will not get it.

To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list