RSA Secret-Key Challenge

Last updated

The RSA Secret-Key Challenge was a series of cryptographic contests organised by RSA Laboratories with the intent of helping to demonstrate the relative security of different encryption algorithms. The challenge ran from 28 January 1997 until May 2007. [1]

Contents

Contest details

For each contest, RSA had posted on its website a block of ciphertext and the random initialization vector used for encryption. To win, a contestant would have had to break the code by finding the original plaintext and the cryptographic key that will generate the posted ciphertext from the plaintext. The challenge consisted of one DES contest and twelve contests based around the block cipher RC5.

Each of the RC5 contests is named after the variant of the RC5 cipher used. The name RC5-w/r/b indicates that the cipher used w-bit words, r rounds, and a key made up of b bytes. The contests are often referred to by the names of the corresponding distributed.net projects, for example RC5-32/12/9 is often known as RC5-72 due to the 72-bit key size.

The first contest was DES Challenge III (and was also part of the DES Challenges) and was completed in 22 hours 15 minutes by distributed.net and the EFF's Deep Crack machine.

In May 2007 RSA Laboratories announced the termination of the challenge, stating that they would not disclose the solutions to the remaining contents, and nor would they confirm or reward prize money for future solutions. [1] On 8 September 2008 distributed.net announced that they would fund a prize of $4000 for the RC5-32/12/9 contest. [2]

Distributed.net

The contests are associated with the distributed.net group, which had actively participated in the challenge by making use of distributed computing to perform a brute force attack.

RC5-32/12/7 was completed on 19 October 1997, with distributed.net finding the winning key in 250 days and winning the US$10,000 prize. The recovered plaintext was: The unknown message is: It's time to move to a longer key length.

RC5-32/12/8 also carried a US$10,000 prize and was completed by distributed.net on 14 July 2002. It took the group 1,757 days to locate the key, revealing the plaintext: The unknown message is: Some things are better left unread.

There were eight contests that had not yet been solved, RC5/32/12/9 through RC5/32/12/16, each of which was a US$10,000 prize. Distributed.net is working on RC5-32/12/9 and were at 12.298% as of July 13 2024 (7.559% as of March 22 2021, 6.700% as of 20 June 2020, 5.329% as of 18 September 2018, 4.356% as of 7 January 2017). [3]

See also

Related Research Articles

In cryptography, a block cipher is a deterministic algorithm that operates on fixed-length groups of bits, called blocks. Block ciphers are the elementary building blocks of many cryptographic protocols. They are ubiquitous in the storage and exchange of data, where such data is secured and authenticated via encryption.

<span class="mw-page-title-main">Cryptanalysis</span> Study of analyzing information systems in order to discover their hidden aspects

Cryptanalysis refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic security systems and gain access to the contents of encrypted messages, even if the cryptographic key is unknown.

<span class="mw-page-title-main">Stream cipher</span> Type of symmetric key cipher

A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream. Since encryption of each digit is dependent on the current state of the cipher, it is also known as state cipher. In practice, a digit is typically a bit and the combining operation is an exclusive-or (XOR).

A chosen-plaintext attack (CPA) is an attack model for cryptanalysis which presumes that the attacker can obtain the ciphertexts for arbitrary plaintexts. The goal of the attack is to gain information that reduces the security of the encryption scheme.

Malleability is a property of some cryptographic algorithms. An encryption algorithm is "malleable" if it is possible to transform a ciphertext into another ciphertext which decrypts to a related plaintext. That is, given an encryption of a plaintext , it is possible to generate another ciphertext which decrypts to , for a known function , without necessarily knowing or learning .

<span class="mw-page-title-main">RC5</span> Block cipher

In cryptography, RC5 is a symmetric-key block cipher notable for its simplicity. Designed by Ronald Rivest in 1994, RC stands for "Rivest Cipher", or alternatively, "Ron's Code". The Advanced Encryption Standard (AES) candidate RC6 was based on RC5.

A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis where the cryptanalyst can gather information by obtaining the decryptions of chosen ciphertexts. From these pieces of information the adversary can attempt to recover the secret key used for decryption.

<span class="mw-page-title-main">Block cipher mode of operation</span> Cryptography algorithm

In cryptography, a block cipher mode of operation is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity. A block cipher by itself is only suitable for the secure cryptographic transformation of one fixed-length group of bits called a block. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.

<span class="mw-page-title-main">RC6</span> Block cipher

In cryptography, RC6 is a symmetric key block cipher derived from RC5. It was designed by Ron Rivest, Matt Robshaw, Ray Sidney, and Yiqun Lisa Yin to meet the requirements of the Advanced Encryption Standard (AES) competition. The algorithm was one of the five finalists, and also was submitted to the NESSIE and CRYPTREC projects. It was a proprietary algorithm, patented by RSA Security.

<span class="mw-page-title-main">Ciphertext</span> Encrypted information

In cryptography, ciphertext or cyphertext is the result of encryption performed on plaintext using an algorithm, called a cipher. Ciphertext is also known as encrypted or encoded information because it contains a form of the original plaintext that is unreadable by a human or computer without the proper cipher to decrypt it. This process prevents the loss of sensitive information via hacking. Decryption, the inverse of encryption, is the process of turning ciphertext into readable plaintext. Ciphertext is not to be confused with codetext because the latter is a result of a code, not a cipher.

Articles related to cryptography include:

In modern cryptography, symmetric key ciphers are generally divided into stream ciphers and block ciphers. Block ciphers operate on a fixed length string of bits. The length of this bit string is the block size. Both the input (plaintext) and output (ciphertext) are the same length; the output cannot be shorter than the input – this follows logically from the pigeonhole principle and the fact that the cipher must be reversible – and it is undesirable for the output to be longer than the input.

distributed.net Distributed computing organization

Distributed.net is a volunteer computing effort that is attempting to solve large scale problems using otherwise idle CPU or GPU time. It is governed by Distributed Computing Technologies, Incorporated (DCTI), a non-profit organization under U.S. tax code 501(c)(3).

In cryptography, Madryga is a block cipher published in 1984 by W. E. Madryga. It was designed to be easy and efficient for implementation in software. Serious weaknesses have since been found in the algorithm, but it was one of the first encryption algorithms to make use of data-dependent rotations, later used in other ciphers, such as RC5 and RC6.

<span class="mw-page-title-main">EFF DES cracker</span> Cryptographic hardware

In cryptography, the EFF DES cracker is a machine built by the Electronic Frontier Foundation (EFF) in 1998, to perform a brute force search of the Data Encryption Standard (DES) cipher's key space – that is, to decrypt an encrypted message by trying every possible key. The aim in doing this was to prove that the key size of DES was not sufficient to be secure.

In cryptography, ciphertext stealing (CTS) is a general method of using a block cipher mode of operation that allows for processing of messages that are not evenly divisible into blocks without resulting in any expansion of the ciphertext, at the cost of slightly increased complexity.

<span class="mw-page-title-main">DES Challenges</span> Cryptography contest

The DES Challenges were a series of brute force attack contests created by RSA Security to highlight the lack of security provided by the Data Encryption Standard.

<span class="mw-page-title-main">Cryptography</span> Practice and study of secure communication techniques

Cryptography, or cryptology, is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications.

The following outline is provided as an overview of and topical guide to cryptography:

This article summarizes publicly known attacks against block ciphers and stream ciphers. Note that there are perhaps attacks that are not publicly known, and not all entries may be up to date.

References

  1. 1 2 Lawson, Jeff (2007-05-21). "bovine [21-May-2007 @ 04:34]". blogs.distributed.net. Retrieved 2010-08-01. It is with great sadness that we must announce that RSA Labs has decided to terminate the RSA Secret-Key Challenge
  2. Lawson, Jeff (2008-09-08). "bovine [08-Sep-2008 @ 02:09]". blogs.distributed.net. Retrieved 2010-08-01. Effective with this announcement, will officially fund the prize using the same distribution ratios that we would have originally used
  3. "stats.distributed.net - RC5-72 Overall Project Stats". stats.distributed.net. Retrieved 2020-06-21.