Chapter 2 Algorithm Info Types 127
AI_MD5WithRC2_CBCPad
AI_MD5WithRC2_CBCPadPurpose:
This AI allows you to perform password-based encryption. This means that the input
data will be encrypted with a secret key derived from a password, and it can be
successfully decrypted only when the correct password is provided. Although this AI
can be used to encrypt arbitrary data, its intended primary use is for encrypting
private keys when transferring them from one computer system to another, as
described in PKCS #8.
This AI employs the RC2 block cipher with padding, where the secret key is derived
from a password using the MD5 message digest algorithm. MD5 is described in RFC
1321. The RC2 cipher is described in RFC 2268. The CBC mode is similar to the one
used in RC5-CBC, which can be found in RFC 2040.
Other algorithms that can be used for password-based encryption are
AI_MD2WithDES_CBCPad, AI_MD2WithRC2_CBCPad, AI_MD5WithDES_CBCPad, and
AI_SHA1WithDES_CBCPad.
Type of information this allows you to use:
the effective key size, salt, and iteration count for the MD5 With RC2-CBC password-
based encryption algorithm. The salt is concatenated with the password before being
processed by MD5, and the iteration count specifies how many times the digest needs
to be run. The count of 2 indicates that the result of digesting password-and-salt
string needs to be run once more through MD5. The first 8 bytes of the final digest are
used as an initialization vector for cipher-block chaining mode, while the last 8 bytes
are supplied as the key material to the RC2_CBCPad algorithm. This algorithm modifies
the 64 key bits according to the effectiveKeyBits parameter. RSA Security Inc.
recommends using values between 40 and 128 bits for the effectiveKeyBits
parameter. Since only 64 bits of key material are supplied to the algorithm,
effectiveKeyBits values over 64 bits do not improve security.