Score:4

Crypto

Notion of base2-logarithm in RC6 specification

Jesko Hüttenhain

7/20/23, 9:31 PM

I was reading this paper on RC6 and formally, the algorithm is defined for an arbitrary word size $w$, even though only $w=32$ was considered for the AES submission. Now the paper explicitly mentions the choice $w=24$, among others. Later on in the paper, it says:

"The base-two logarithm of $w$ will be denoted by $\operatorname{lg}w$."

As part of the encryption routine, the following step is performed: $$ t = (B\times(2B+1)) \lll \operatorname{lg} w $$ This makes perfect sense for $w=32$ as $32$ is a power of two and $\operatorname{lg} w$ will be an integer, by which you can rotate another integer. However, for $w=24$, this formally asks me to rotate the value by approximately $4.584962500721156$ bits, which I find rather puzzling.

My question is: What is the correct interpretation of $\operatorname{lg} w$ for implementations of RC6 that allow other values for $w$, specifically when $w$ is not a power of two?

275

0 + 0

implementation

rc6

kelalaka

7/20/23, 9:51 PM

https://github.com/TakLun/RC6/blob/master/RC6/RC6.cpp#L7

Jesko Hüttenhain

7/20/23, 9:53 PM

@kelalaka this is definitely one way to do it, but I was hoping there was an "official" reference for how this should be handled.

kelalaka

7/20/23, 9:53 PM

It is more about least-significant fraction bit vs least-significant bit

Score:4

Crypto

kelalaka

7/20/23, 10:53 PM

From RC6 and RC5 Test Vectors For Multiple Block Sizes (draft-krovetz-rc6-rc5-vectors-00)

/* Calculate floor(base-2 log of x) for any x>0.                   */
static int lg2(int x) {
    int ans=0;
    for ( ; x!=1; x>>=1)
        ans++;
    return ans;
}

So the return is the LSB of the integer part;

log_w = (unsigned int)log2(w);

Test it here,

0 + 0

kelalaka

7/20/23, 10:56 PM

There should be [NIST test values](http://www-08.nist.gov/encryption/aes/round1/testvals/rc6-vals.zip), however, they are missing even in the [web.archive.org](https://web.archive.org/web/20060625224909/http://www-08.nist.gov/encryption/aes/round1/testvals/rc6-vals.zip)

Jesko Hüttenhain

7/20/23, 11:56 PM

Thank you! This is perfect.

kelalaka

7/21/23, 10:03 AM

Note that [Schneier codes](https://www.schneier.com/books/applied-cryptography-source) only includes `5` as hard coded $log_2$.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Notion of base2-logarithm in RC6 specification

TH: แนวคิดของลอการิทึมฐาน 2 ในข้อมูลจำเพาะ RC6

RO: Noțiunea de logaritm de bază2 în specificația RC6

RU: Понятие логарифма по основанию 2 в спецификации RC6

VI: Khái niệm logarit cơ số 2 trong đặc tả RC6

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.