[RC5] Global Stats
Peter Cordes
peter at u24n61.hfx.eastlink.ca
Sat Dec 25 00:30:30 EST 1999
On Tue, 21 Dec 1999 abigail at delanet.com wrote:
> I don't think CSC is proving anything. What are you trying to prove? That
> 56 bit keys are insecure? If you are still trying to prove that, then
> what was the point of the other contests that did 56 bit keys?
56bit RC5 has been brute forced. I haven't seen any mention of 56bit CSC
being brute forced. However, given that some assembly hackers (big thumbs
up dudes :) have developed CSC cores which get a CSC-56 keyrate almost as
good as the RC5-64 keyrate they get, we know that 56bit CSC is within 10%
or so as strong as RC5-56 (since it takes about the same time per key as
RC5-64), against brute force attack (by commodity hardware :)
I suppose this raises the question of how well brute force algorithms
scale to bigger keys. (not only is the keyspace bigger, processing each
block presumably takes more work.) Has anybody tried this? How many
CSC-64 keys per second can you get, relative to CSC-56 k/s? What about
really high key lengths, like 128 bit. (Obviously, trying to go through
the whole keyspace is currently futile, but I want to know whether each
key, or block of keys, takes more time.)
> Furthermore, why aren't you making a case that the people who do run
> CSC are hurting the people trying to prove something with RC5-64?
Good point. However, RC5-64 will take another couple years anyway, and
so doing CSC now rather than later is a Good Thing. (because it is fun.)
#define X(x,y) x##y
DUPS Secretary ; http://is2.dal.ca/~dups/
Peter Cordes ; e-mail: X(peter at cordes.phys. , dal.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE
--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest
More information about the rc5
mailing list