RSA Laboratories

The RSA Laboratories Secret-Key Challenge

This challenge is no longer active

The goal of RSA Laboratories’ secret-key challenges was to quantify the security offered by the government-endorsed data encryption standard (DES) and other secret-key ciphers with keys of various sizes. The information obtained from these contests was of value to researchers and developers alike as they estimated the strength of algorithm sor applications against exhaustive key-search.

It is widely agreed that 56-bit keys, such as those offered by the government's DES standard, offer marginal protection against a committed adversary. In 1999, the Electronic Frontier Foundation’s “Deep Crack” machine, in combination with, successfully solved RSA’s DES Challenge III in 22 hours and 15 minutes.

The RSA Secret-Key Challenge consisted of one DES challenge and twelve contests based around the block cipher RC5. While DES has a fixed key of length 56 bits, RC5 is a fully parameterized block cipher. RSA posted twelve RC5 contests. As well as having a variable key size, RC5 also has a variable block size and a variable number of rounds; however, all the RC5 contests posted as part of the RSA Secret-Key Challenge used 12-round RC5 with a 32-bit word size. The different RC5 contests involved secret keys of different lengths. The first RC5 contest consisted of some unknown plaintext encrypted using a 40-bit key; the second consisted of some unknown plaintext encrypted using a 48-bit key; and so forth to the twelfth contest, which consisted of some unknown plaintext message encrypted using a 128-bit key.

For each contest, the unknown plaintext message was preceded by three known blocks of text that contained the 24-character phrase "The unknown message is: ". While the mystery text that followed is known to a few employees of RSA Security, the secret key itself used for the encryption was generated at random and never revealed to the challenge administrators. The goal of each contest was for participants to recover the secret randomly-generated key that was used in the encryption.

The last successfully completed challenge was RC5-32/12/8. Its 64-bit key was recovered in 28 January 1997.

In addition to the "real" contests, thirteen "pseudo-contests" were posted. These pseudo-contests had no prizes attached to them and the solutions to each pseudo-contest were not secret. The pseudo-contests were only supplied so that contest participants could test out their software in a "contest" scenario with a known solution.