Download the S/MIME 40-bit RC2 Cracking Screen Saver
How it Works
While the current state of computer hardware makes brute-force searches for 40-bit keys viable, not all searches are created equal. One of the features of the RC2 algorithm that was bad from the searcher's point of view was the key setup, where the 40-bit key is transformed into a 1024-bit table. This setup is expensive in terms of time, and so slows down a brute-force search. However, if you shift the whole table over a byte, and then change a couple of bytes, you now have the table for a different key! Our search program takes advantage of this anomaly in RC2, and dramatically speeds up the brute-force search.
Keep in mind that when doing this "key-table-shifting" magic, you don't arrive at the key table for the next sequential key. In fact, starting at some arbitrary key, and moving through the keyspace in this way, you will eventually return to the key you started with, without hitting all the keys. We call one of these paths through the keyspace a "cycle," and there are 28 of them. The biggest one covers more than half the keys in the keyspace. The smallest one is a degenerate case that contains only one key.
The BRUTE (or BRUTESAV) program reads from a startup file, that tells it at what key to begin searching, and in which cycle that key is. (The cycles are numbered 0 to 27, from smallest to largest.) It then starts trial decryptions, saving its progress in the startup file every 220 keys. If the first 40 bytes resulting from the decryption seems to be text, it is displayed, but the search continues. If that text begins with the string "Content-", we're pretty sure we've found the right key, so we stop.
Files to Download
There are two packages available for download:
brutex10.zip: Contains both the Win32 screen saver (BRUTESAV) and the Win32 console application (BRUTE), which can run at idle priority on Windows NT or 95. The console application is the preferred method, since it will use all the spare cycles on your PC without interfering with other applications.
brutsr10.zip: Source code for BRUTESAV and BRUTE. If you download this, you should download the executables as well: there's a data file used to create starting points that you'll need.
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.