RC2
|
|
| RC2 | |||
| |||
| General | |||
| Designer(s) | Ron Rivest | ||
| First published | source code leaked 1996 (designed 1987) | ||
| Derived from | - | ||
| Cipher(s) based on this design | - | ||
| Algorithm detail | |||
| Block size(s) | 64 bits | ||
| Key size(s) | 8–128 bits, in steps of eight bits; default 64 bits | ||
| Structure | Source-heavy Feistel network | ||
| Number of rounds | 16 of type MIXING; 2 of type MASHING | ||
| Best cryptanalysis | |||
| A related-key attack is possible requiring 234 chosen plaintexts (Kelsey et al, 1997). | |||
In cryptography, RC2 is a block cipher designed by Ron Rivest in 1987. "RC" stands for "Ron's Code" or "Rivest Cipher"; other ciphers designed by Rivest include RC4, RC5 and RC6.
The development of RC2 was sponsored by Lotus, who were seeking a custom cipher that, after evaluation by the NSA, could be exported as part of their Lotus Notes software. The NSA suggested a couple of changes, which Rivest incorporated. After further negotiations, the cipher was approved for export in 1989. Along with RC4, RC2 with a 40-bit key size was treated favourably under US export regulations for cryptography.
Initially, the details of the algorithm were kept secret — proprietary to RSA Security — but on 29th January, 1996, source code for RC2 was anonymously posted to the Internet on the Usenet forum, sci.crypt. A similar disclosure had occurred earlier with RC4. It is unclear whether the poster had access to the specifications or whether it had been reverse engineered.
RC2 is a 64-bit block cipher with a variable size key. Its 18 rounds are arranged as a source-heavy Feistel network, with 16 rounds of one type (MIXING) punctuated by two rounds of another type (MASHING). A MIXING round consists of four applications of the MIX transformation, as shown in the following diagram:
RC2 is vulnerable to a related-key attack using 234 chosen plaintexts (Kelsey et al, 1997).
Sources
- Steven Levy, Crypto: How the Code Rebels Beat the Government — Saving Privacy in the Digital Age, ISBN 0140244328, 2001.
References
- Lars R. Knudsen, Vincent Rijmen, Ronald L. Rivest, Matthew J. B. Robshaw: On the Design and Security of RC2. Fast Software Encryption 1998: 206–221
- John Kelsey, Bruce Schneier, David Wagner: Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA. ICICS 1997: 233–246
External links
- RFC 2268: A Description of the RC2(r) Encryption Algorithm (http://www.faqs.org/rfcs/rfc2268.html)
- RSA FAQ: What is RC2? (http://www.rsasecurity.com/rsalabs/node.asp?id=2249)
- sci.crypt posting revealing the RC2 algorithm (http://groups.google.com/groups?selm=4ehmfs%246nq%40utopia.hacktic.nl)
| Block ciphers edit (https://academickids.com:443/encyclopedia/index.php?title=Template:Block_ciphers&action=edit) |
| Algorithms: 3-Way | AES | Akelarre | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | DEAL | DES | DES-X | FEAL | FOX | FROG | G-DES | GOST | ICE | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | RC2 | RC5 | RC6 | REDOC | Red Pike | S-1 | SAFER | SEED | Serpent | SHACAL | SHARK | Skipjack | Square | TEA | Triple DES | Twofish | XTEA |
| Design: Feistel network | Key schedule | Product cipher | S-box | SPN Attacks: Brute force | Linear / Differential cryptanalysis | Mod n | XSL Standardisation: AES process | CRYPTREC | NESSIE Misc: Avalanche effect | Block size | IV | Key size | Modes of operation | Piling-up lemma | Weak key |