Linearly weak keys of RC5
- 8 May 1997
- journal article
- Published by Institution of Engineering and Technology (IET) in Electronics Letters
- Vol. 33 (10) , 836-838
- https://doi.org/10.1049/el:19970601
Abstract
The author examines the application of linear cryptanalysis to the RC5 private-key ciphers and show that there are expected to be weak keys for which the attack is applicable to many rounds. It is demonstrated that, for the 12-round nominal RC5 version with a 64 bit block size and a 128 bit key, there are 228 weak keys for which only ~217 known plaintexts are required to break the cipher. There are 268 keys for which the cipher is theoretically breakable, requiring ~257 known plaintexts. The analysis highlights the sensitivity of RC5 security to its key scheduling algorithm.Keywords
This publication has 3 references indexed in Scilit:
- Improved Differential Attacks on RC5Published by Springer Nature ,1996
- On Differential and Linear Cryptanalysis of the RC5 Encryption AlgorithmPublished by Springer Nature ,1995
- Linear Cryptanalysis Method for DES CipherPublished by Springer Nature ,1994