Template:Distinguish Template:Infobox block cipher In cryptography, RC5 is a block cipher notable for its simplicity. Designed by Ronald Rivest in 1994^{[1]}, RC stands for "Rivest Cipher", or alternatively, "Ron's Code" (compare RC2 and RC4). The Advanced Encryption Standard (AES) candidate RC6 was based on RC5.
DescriptionEdit
Unlike many schemes, RC5 has a variable block size (32, 64 or 128 bits), key size (0 to 2040 bits) and number of rounds (0 to 255). The original suggested choice of parameters were a block size of 64 bits, a 128bit key and 12 rounds.
A key feature of RC5 is the use of datadependent rotations; one of the goals of RC5 was to prompt the study and evaluation of such operations as a cryptographic primitive. RC5 also consists of a number of modular additions and eXclusive OR (XOR)s. The general structure of the algorithm is a Feistellike network. The encryption and decryption routines can be specified in a few lines of code. The key schedule, however, is more complex, expanding the key using an essentially oneway function with the binary expansions of both e and the golden ratio as sources of "nothing up my sleeve numbers". The tantalising simplicity of the algorithm together with the novelty of the datadependent rotations has made RC5 an attractive object of study for cryptanalysts. The RC5 is basically denoted as RC5w/r/b where w=word size in bits, r=number of rounds, b=number of 8bit byte in the key.
CryptanalysisEdit
12round RC5 (with 64bit blocks) is susceptible to a differential attack using 2^{44} chosen plaintexts.^{[2]} 18–20 rounds are suggested as sufficient protection.
RSA Security, which has a patent on the algorithm,^{[3]} offered a series of US$10,000 prizes for breaking ciphertexts encrypted with RC5, but these contests have been discontinued as of May 2007. A number of these challenge problems have been tackled using distributed computing, organised by Distributed.net. Distributed.net has bruteforced RC5 messages encrypted with 56 and 64bit keys, and is working on cracking a 72bit key; as of September 2010, 1.043% of the keyspace has been searched. At the current rate, it will take approximately 453 years to test every possible remaining key, and thus guarantee completion of the project.[1]
See alsoEdit
References Edit
 ↑ Template:Cite conference
 ↑ Biryukov A. and Kushilevitz E. (1998). Improved Cryptanalysis of RC5. EUROCRYPT 1998.
 ↑ Rivest, R. L, "Block Encryption Algorithm With Data Dependent Rotation", Template:US patent, issued on 3 March 1998.
External links Edit
 Rivest's paper describing the cipher
 SCAN's entry for the cipher
 RSA Laboratories FAQ — What are RC5 and RC6?
 Helger Lipmaa's links on RC5
 RSA's patent via Google.

de:RC5 es:RC5 fr:RC5 (chiffrement) hr:RC5 it:RC5 ms:RC5 ja:RC5 pl:RC5 pt:RC5 ru:RC5 simple:RC5 sl:RC5