LLMpediaThe first transparent, open encyclopedia generated by LLMs

RC5

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Cipher Block Chaining Hop 4
Expansion Funnel Raw 39 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted39
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
RC5
NameRC5
DesignerRonald Rivest
Publish date1994
Key size0–2040 bits (variable)
Block size32, 64, or 128 bits (parameterized)
Rounds0–255 (parameterized)
StructureFeistel-like, data-dependent rotations
Cryptanalysisdifferential cryptanalysis, brute-force attacks

RC5 is a symmetric-key block cipher designed by Ronald Rivest and introduced in a 1994 paper and accompanying proposal. It is notable for its simplicity, parameterized flexibility in block size, key length, and iteration count, and the novel use of data-dependent rotations. The algorithm influenced subsequent designs and provoked extensive cryptanalytic study by researchers at institutions such as Massachusetts Institute of Technology, RSA Security, and national laboratories.

History

The cipher was announced by Ronald Rivest while affiliated with RSA Security and disseminated through academic venues involving contributors from Massachusetts Institute of Technology and the broader cryptographic community. It emerged during the 1990s when block cipher research followed breakthroughs like Data Encryption Standard replacement efforts and public contests such as the Advanced Encryption Standard process, prompting comparisons with contemporaries like Blowfish, IDEA, and Twofish. Early promotion included open parameterization to encourage analysis, leading to rapid engagement by research groups at institutions such as Stanford University, University of California, Berkeley, and government labs including National Institute of Standards and Technology personnel.

Design

RC5 employs a simple key schedule, a small set of operations—addition modulo 2^w, exclusive OR, and data-dependent bitwise rotation—and a Feistel-like round structure. The cipher's designer specified three main parameters: word size w (commonly 32 or 64), number of rounds r, and key length b, allowing configurations to match platforms from embedded controllers to servers. The internal key expansion derives subkeys using constants and iterative mixing inspired by Knuth's algorithms, and the round function uses data-dependent rotations where rotation amounts depend on word values rather than fixed schedules. This design was intended to optimize performance on register-oriented processors such as those from Intel and ARM while retaining diffusion properties highlighted in works by Claude Shannon and block cipher theory from researchers at IBM.

Cryptanalysis

RC5 attracted extensive analysis from cryptographers at universities and research centers including École Polytechnique Fédérale de Lausanne, University of Luxembourg, and Royal Holloway, University of London. Attacks studied include differential cryptanalysis, linear cryptanalysis, and rotational cryptanalysis tailored to its data-dependent rotations; notable techniques were developed by scholars like Eli Biham, Adi Shamir, and Michael Wiener. Published results include key-recovery and distinguishers for reduced-round variants, and practical brute-force recoveries demonstrated using distributed efforts coordinated by groups associated with RSA Security and volunteer computing projects akin to later distributed cracking initiatives. Work by analysts at Cryptography Research, Inc. and teams affiliated with National Security Agency-adjacent research highlighted tradeoffs between round count and resistance to slide and related-key attacks.

Implementations and Performance

Implementations span software libraries and hardware cores developed by organizations including RSA Security, open-source projects on platforms like GNU Project ecosystems, and hardware implementations for vendors producing ARM-based microcontrollers. Performance benchmarks compared implementations in C, assembly for x86 and ARM instruction sets, and FPGA cores synthesized by teams from Xilinx and Altera. Results showed RC5's data-dependent rotations often yield efficient cycles-per-byte on general-purpose CPUs but present challenges for constant-time implementations sought by security-conscious groups such as developers at OpenSSL Project and platform teams at Red Hat.

Applications and Use Cases

RC5 saw adoption in proprietary protocols and research prototypes developed by companies including RSA Security and in academic projects at universities like Massachusetts Institute of Technology and University of Cambridge. Use cases included file encryption utilities, cryptographic toolkits for embedded devices produced by vendors in the Silicon Valley area, and experimental secure messaging systems in laboratory settings. Due to patent and licensing considerations handled by companies such as RSA Security and shifting standards driven by National Institute of Standards and Technology, deployments favored proven, standardized ciphers in many production environments.

Variants and Extensions

Several variants and extensions emerged from academic and industrial research groups, including parameter choices for larger word sizes and round counts evaluated by teams at École Normale Supérieure and collaborative projects with researchers from INRIA. Derivatives explored tweaks to the key schedule, incorporation into cipher modes (CBC, CTR) standardized by organizations like Internet Engineering Task Force, and hybrid constructions combining RC5-style rotations with other primitives in experiments by groups at Carnegie Mellon University. These variant studies informed best practices for cipher parameterization and influenced designs in subsequent algorithms proposed during standards competitions involving bodies such as IEEE and IETF.

Category:Block ciphers