[RC5] What does finding the contest key prove?

Adam C Luter gryn at gryn.dyn.marko.net
Fri Apr 16 17:42:40 EDT 1999

> What does this tell us about a read-world cracking example, where we do NOT
> know any part of the plaintext message (we may not even know what language
> or characterset it is in)? If I have mis-understood the issue, please
> clarify!

If you still knew that it was plaintext then you would have no problem
still.  It would just be a slower decryption.  That is, instead of having:

if $decrypt[1..10]="First Bit:" then
     print "We win!"
end if

We would do:

found = yes;
for x in 1 to sizeof($decrypt) do
  if not ($decrypt[x] in ['A'..'Z','a'..'z']) then
    found = no;
  end if
if found = yes then
  print "We win!"
end if

(which is to say, we check each character to see if it is a possible
plaintext character)

There are only two effects to this change.  One is that searches take a
little longer, as you can see by the sample pseudo-code.  The other
possibility, is that there is a -more of a chance- of a false-positive.

What I mean is, it may be that key[49] is the correct key, but key[32]
also happens to fit our "description" of what the data is.

However, I do not think this is much of a problem, even if you had 1,000
file formats beyond plain text to check, the number of false positives
would be low at worst, and still managable.  (how hard is it to decide
which of 4 possiblies is the correct one)

I think the more dramatic difficulty of not knowing what kind of data is
contained, is the time it takes to search, not the risk of false-positives
(we even have an ittty bitty chance of that with our current check).

The often assigned parsing projects when he doesn't want them, Gryn.

To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest

More information about the rc5 mailing list