[Q] Diceware password size

Ryan Malayter rmalayter@bai.org
Tue May 27 22:32:01 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


From: Daniel Carrera [mailto:dcarrera@math.umd.edu]=20
>Thanks.  This helps a lot.  I do feel more confortable=20
>being able to quantify the security of a passphrase=20
>instead of a hand-wavy guess.

>Now, I have a question:
>What is the RC5 algorithm?

RC5 is a block encryption algorithm similar to 3DES, AES, CAST, or
Blowfish. It is patented by RSA Security, and is used via license in
quite a few commercial products. RC5 is short for "Ron's Code No. 5",
named for its creator Ron Rivest (he's the "R" is "RSA"). RC6, an
update of RC5, was a finalist in the selection process for AES,
however Rijendael was chosen instead for a number of reasons, none of
which involved security.

RC5 is not, to my knowledge, part of any IETF standards like OpenPGP.
RC5 is interesting in that it can accept a variable key size, and RSA
offers rewards for cracking it using various key lengths.
Distributed.net received $10,000 for craking the 64-bit key, and is
working on the 72-bit RC5 challenge now. (Note also that the amount
of electricity used by the computers participating in the RC5-64
contest cost a *lot* more than $10,000).

	-ryan-

:::::::::::::::::::::::::::::::
The greatest lesson in life is to know that even fools are right
sometimes.
     -Sir Winston S. Churchill
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32) - WinPT 0.7.94

iD8DBQE+08tE9wZiZHyXot4RAgC6AJ0T1VpARRaK4MKMbOH5WwO5kXt1EgCfXfHW
SOQ1fuw8QI8hPsdqrDTqk5Y=3D
=3Df/pF
-----END PGP SIGNATURE-----