RFC 2040 (rfc2040) - Page 2 of 29

The RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS Algorithms

Alternative Format: Original Text Document
< Previous
Next >
RFC 2040         RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS     October 1996


   block.  The RC5-CTS cipher is the Cipher Text Stealing mode of RC5,
   which handles plaintext of any length and the ciphertext length
   matches the plaintext length.

   The RC5 cipher was invented by Professor Ronald L. Rivest of the
   Massachusetts Institute of Technology in 1994.  It is a very fast and
   simple algorithm that is parameterized by the block size, the number
   of rounds, and key length.  These parameters can be adjusted to meet
   different goals for security, performance, and exportability.

   RSA Data Security Incorporated has filed a patent application on the
   RC5 cipher and for trademark protection for RC5, RC5-CBC, RC5-CBC-
   Pad, RC5-CTS and assorted variations.

2.  Overview

   This memo is a restatement of existing published material.  The
   description of RC5 follows the notation and order of explanation
   found in the original RC5 paper by Professor Rivest [2].  The CBC
   mode appears in reference works such as the one by Bruce Schneier
   [6].  The CBC-Pad mode is the same as in the Public Key Cryptography
   Standard (PKCS) number five [5].  Sample C code [8] is included for
   clarity only and is equivalent to the English language descriptions.

   The ciphers will be explained in a bottom up object-oriented fashion.
   First, RC5 keys will be presented along with the key expansion
   algorithm.  Second, the RC5 block cipher is explained, and finally,
   the RC5-CBC and RC5-CBC-Pad ciphers are specified.  For brevity, only
   the encryption process is described.  Decryption is achieved by
   inverting the steps of encryption.

   The object-oriented description found here should make it easier to
   implement interoperable systems, though it is not as terse as the
   functional descriptions found in the references.  There are two
   classes of objects, keys and cipher algorithms.  Both classes share
   operations that create and destroy these objects in a manner that
   ensures that secret information is not returned to the memory
   manager.

   Keys also have a "set" operation that copies a secret key into the
   object.  The "set" operation for the cipher objects defines the
   number of rounds, and the initialization vector.

   There are four operations for the cipher objects described in this
   memo.  There is binding a key to a cipher object, setting a new
   initialization vector for a cipher object without changing the key,
   encrypting part of a message (this would be performed multiple times
   for long messages), and processing the last part of a message which



Baldwin & Rivest             Informational
< Previous
Next >