How RC5 encryption algorithm works

RC5 is a symmetric key algorithm for block encryption designed by Ron Rivest. It is suitable for both hardware and software implementations due to the following characteristics:

• Simplicity: The algorithm only uses primitive computer operations, such as addition, subtraction, bitwise XOR, and circular shifts. This makes it easy to implement and analyze.

• Flexibility: It allows a variable number of rounds and bit size of the key.

• Low memory utilization: It can be implemented on devices with limited memory.

Parameterization

RC5 is a parameterized, word-oriented algorithm. This means it is a block cipher with a two-word input (plaintext) and a two-word output (ciphertext) block size. The parameters are detailed as follows:

Word size: $w$

This is the word size in bits. RC5 has two $w$ bit blocks, so the input and output blocks are each $2w$ bits long. For example, if $w$ is $32$ bit, then the input block will be $64$ bit long.

Number of rounds: $r$

This is the number of rounds and determines the trade-off between speed and security, where greater rounds imply higher security but lower speed. $r$ also influences the size $t$ of the expanded key table $S$ that is derived from the secret key. The formula for $t$ is as follows:

Number of bytes in secret key: $b$

This is the number of $8$-bit bytes in the user-provided secret key, $K$, and has the allowable range from $0-255$ bytes.

The table below summarizes the parameters:

Given these parameters, the notation for the algorithm is as follows:

            $RC5-w/r/b$

The nominal version of this is $RC5-32/12/16$, which implies there are two $32$ bit word inputs and outputs, $12$ rounds, and a $16$ byte ($128$ bit) key.

Primitive operations

RC5 uses only three primitive operations and their inverses. These are:

• Addition: This refers to the two's complement addition of words and is denoted by $+$. The inverse of this is subtraction, denoted by $-$.

• Bitwise XOR: This is the bitwise exclusive-OR of words and is denoted by $\oplus$.

• Left rotation: This is the cyclic left rotation of words, denoted by $x <<< y$, where $x$ is the word and $y$ is the number of bits to be shifted. The inverse is cyclic right rotation, represented by $x>>>y$.

The algorithm

Now that we have defined the parameters and operations, we can begin taking a look at the three components of the RC5 encryption algorithm:

• Key expansion algorithm

• Encryption

• Decryption

The diagram below illustrates the order of these components:

Key expansion algorithm

Recall that RC5 uses an expanded key table, $S[0...t-1]$, derived from the provided secret key, $K$. The key expansion algorithm expands $K$ by filling the array $S$ with $t=2(r+1)$ binary words. It does this over four steps, as outlined below:

Step 1: Initialization of magic constants

RC5 uses two word-sized constants, $P$ and $Q$. They are defined as follows:

Where $e$ is the base of natural logarithms and $\phi$ is the golden ratio.

For $w= 16, 32,$and $64$, the values of P and Q are given in the table:

Step two: Converting the secret key $K$ from bytes to words

The secret key array, $K[0...b-1]$, is used to initialize a new array, $L[0...c-1]$, where $c=\lceil b/u \rceil$ and $u=w/8$ bytes per word. Once $L$ is declared, the pseudocode for copying $K$ to it is as follows:

Step three: Initializing the array $S$

This step requires the initialization of the array $S$ of size $t=2(r+1)$ and is dependent on the magic constants, $P$ and $Q$. The pseudocode is given below:

Step four: Secret key mixing

The last step of the key expansion algorithm involves mixing the provided secret key over the arrays $S$ and $L$. The larger of these arrays will be processed three times, and the smaller may be processed more. Moreover, $A$ and $B$ are registers that store input values of size $w$ bit each.

The pseudocode for mixing is as follows:

Encryption

Now that we have the expanded key in the array $S[0...t-1]$, we can perform the encryption algorithm as specified below. Note that registers $A$and $B$ hold the plaintext divided into two $w$ bit blocks.

Once $r$ rounds are over, $A$ and $B$ together form the output ciphertext.

Decryption

The pseudocode for the decryption algorithm is the reverse of the encryption algorithm, as shown:

This concludes the overview of the different steps in the RC5 encryption algorithm.