SpringerLink - Book Chapter

Institutional Login

Welcome!

To use the personalized features of this site, please log in or register.

If you have forgotten your username or password, we can help.

My Menu

Marked Items

Alerts

Order History

Saved Items

All

Favorites


Book Chapter

Linear Cryptanalysis of RC5 and RC6

Book Series	Lecture Notes in Computer Science
Publisher	Springer Berlin / Heidelberg
ISSN	0302-9743 (Print) 1611-3349 (Online)
Volume	Volume 1636/1999
Book	Fast Software Encryption
DOI	10.1007/3-540-48519-8
Copyright	1999
ISBN	978-3-540-66226-6
DOI	10.1007/3-540-48519-8_2
Pages	16-30
Subject Collection	Computer Science
SpringerLink Date	Friday, January 01, 1999

Add to marked items

Add to shopping cart

Add to saved items

Permissions & Reprints

Recommend this chapter

PDF (184.3 KB)

Free Preview

Linear Cryptanalysis of RC5 and RC6

Johan Borst⁵, Bart Preneel⁵ and Joos Vandewalle⁵

(5)	K.U. Leuven, Dept. Elektrotechniek-ESAT/COSIC, Kardinaal Mercierlaan 94, B-3001 Heverlee, Belgium

Abstract

In this paper we evaluate the resistance of the block cipher RC5 against linear cryptanalysis. We describe a known plaintext attack that can break RC5-32 (blocksize 64) with 10 rounds and RC5-64 (blocksize 128) with 15 rounds. In order to do this we use techniques related to the use of multiple linear approximations. Furthermore the success of the attack is largely based on the linear hull-effect. To our knowledge, at this moment these are the best known plaintext attacks on RC5, which have negligible storage requirements and do not make any assumption on the plaintext distribution. Furthermore we discuss the impact of our attacking method on the AES-candidate RC6, whose design was based on RC5.