Filter
Top Products
Cryptography Overview
40 RSA BSAFE Crypto-C Developer’s Guide
for 12-round RC5-32, recent cryptanalytic work suggests 16 rounds is now a more
conservative choice. For the RC5 cipher with a 64-bit word size, RSA Security
recommends at least 20 rounds.
The key size can be as little as 0 (zero) and as many as 255 bytes. The RC5 cipher uses
the secret key bytes to generate an expanded key table during the Init phase. The key
table is then used during encryption or decryption. Therefore, key length will have no
appreciable effect on algorithm speed.
The RC5 cipher is more formally described as RC5 w/r/b. For instance, the RC5
cipher with a 32-bit word, 16 rounds, and a 10 byte key would be described as RC5
32/16/10.
RC6
The RC6 cipher was developed by Ronald Rivest and Matthew Robshaw, Ray Sidney,
and Lisa Yin of RSA Laboratories West as a candidate for the Advanced Encryption
Standard (AES)
The guidelines for the RC6 cipher were aimed at creating a cipher which could take
advantage of modern computing power and architecture. These guidelines specify
that a submitted algorithm must accept 16-byte blocks (8-byte word). This is in
contrast to many previous block ciphers, such as DES and Triple DES, which operate
only on 8-byte blocks.
In accordance with these guidelines, RC6 allows a 16-byte block size, which has the
following implications:
• When you use RC6 with a feedback mode in Crypto-C, your initialization vector
must be 16 bytes.
• If you use RC6 with padding, the resulting output might be as many as 16 bytes
more than the input.
The full RC6 algorithm also allows you to specify different levels of security by setting
the number of rounds. However, the version submitted for the AES specifies 20
rounds. At 20 rounds, RC6 provides an optimal balance between security and speed.
The current implementation of Crypto-C only accepts 20 rounds.
Note: At 20 rounds, the fastest known attack on the cipher is a brute-force attack on
the key, and encryption and decryption operations are faster than with a
higher number of rounds. While fewer rounds would still offer good security,
there are attacks that would be faster than a brute-force attack on the key.
More than 20 rounds might offer more security, but the fastest attack would
still be a brute-force attack on the key, and the increased rounds number