0

mcrypt's implementation of RC2 has a fixed effective length of 1024 bits, however, it is possible to simulate keys with effective lengths between 1-1024 by doing something like this:

http://php.net/manual/en/function.mcrypt-generic-init.php#111496

My question is... is there a similar technique that can be used with OpenSSL? OpenSSL's implementation of RC2 has a fixed effective key length of 128 bits but is it possible to simulate keys with effective lengths between 1-128 bits with OpenSSL?

The php.net technique doesn't work out of the box for OpenSSL because the PHP technique essentially creates a 1024 bit key out of a key between 1-2024 bits long. And you can't truncate the result, either, since, quoting RFC2268, "the purpose of th key-expansion algorithm [in RC2] is to modify the key buffer so that each bit of the expanded key depends in a complicated way on every bit of the supplied input key".

Any ideas?

Also, does anyone know of any sort of more authoritative reference for the technique described at php.net?

neubert
  • 2,855
  • 1
  • 25
  • 48
  • Why are you using RC2? Don't use RC2. It's not a good choice for any new design. Use a better cryptosystem, e.g., AES in an authenticated encryption mode. – D.W. Nov 30 '14 at 06:56
  • Ok. I will tell that to the company who's API my company is integrating with. I'm sure that will go absolutely no where, leaving me right back where I started. While I'm at it I think I'll go write a letter to Obama telling him that the individual mandate sucks and that single payer is better. I'm sure that'll go just as far. – neubert Nov 30 '14 at 07:23
  • Have you determined the values of T and T1 (in the sense of [rfc2268](http://tools.ietf.org/html/rfc2268) section 2) used in the implementation that you want, and in the OpenSSL implementation that you start from? My reading is that the "effective key length" T1 in rfc2268 can be any multiple of 8 from 128 to 1024 for an implementation accepting both T=5 and T=16 bytes of key. – fgrieu Nov 30 '14 at 17:57

0 Answers0