RC2
In cryptography, RC2 (also known as ARC2) is a symmetric-key block cipher designed by Ron Rivest in 1987. "RC" stands for "Ron's Code" or "Rivest Cipher"; other ciphers designed by Rivest include RC4, RC5, and RC6.
The MIX transformation of RC2; four of these comprise a MIXING round | |
General | |
---|---|
Designers | Ron Rivest |
First published | leaked in 1996, designed in 1987 |
Cipher detail | |
Key sizes | 8–1024 bits, in steps of 8 bits; default 64 bits |
Block sizes | 64 bits |
Structure | Source-heavy unbalanced Feistel network |
Rounds | 16 of type MIXING, 2 of type MASHING |
Best public cryptanalysis | |
A related-key attack is possible requiring 234 chosen plaintexts (Kelsey et al., 1997). |
The development of RC2 was sponsored by Lotus, who were seeking a custom cipher that, after evaluation by the NSA, could be exported as part of their Lotus Notes software. The NSA suggested a couple of changes, which Rivest incorporated. After further negotiations, the cipher was approved for export in 1989. Along with RC4, RC2 with a 40-bit key size was treated favourably under US export regulations for cryptography.
Initially, the details of the algorithm were kept secret — proprietary to RSA Security — but on 29 January 1996, source code for RC2 was anonymously posted to the Internet on the Usenet forum, sci.crypt. Mentions of CodeView and SoftICE (popular debuggers) suggest that it had been reverse engineered. A similar disclosure had occurred earlier with RC4.
In March 1998 Ron Rivest authored an RFC publicly describing RC2 himself.
RC2 is a 64-bit block cipher with a variable size key. Its 18 rounds are arranged as a source-heavy unbalanced Feistel network, with 16 rounds of one type (MIXING) punctuated by two rounds of another type (MASHING). A MIXING round consists of four applications of the MIX transformation, as shown in the diagram.
RC2 is vulnerable to a related-key attack using 234 chosen plaintexts (Kelsey et al., 1997).
Sources
- Levy, Steven (2001). Crypto : how the code rebels beat the government-- saving privacy in the digital age. Penguin Books. ISBN 0-14-024432-8.
References
- Knudsen, Lars R.; Rijmen, Vincent; Rivest, Ronald L.; Robshaw, Matthew J. B. (1998-08-16). "On the Design and Security of RC2" (PDF). Fast Software Encryption. Springer Berlin Heidelberg: 206–221. doi:10.1007/3-540-69710-1_14. Retrieved 2018-10-10.
- Kelsey, John; Schneier, Bruce; Wagner, David (1997). Han, Y.; Okamoto, T.; Qing, S. (eds.). "Related-key cryptanalysis of 3-WAY, Biham-DES,CAST, DES-X, NewDES, RC2, and TEA". Lecture Notes in Computer Science. Springer, Berlin, Heidelberg. 1334: 233–246. doi:10.1007/BFb0028479. Retrieved 2018-10-10.
External links
- RFC 2268 - A Description of the RC2(r) Encryption Algorithm
- RSA FAQ: What is RC2?
- sci.crypt posting revealing the RC2 algorithm