RC6 is a common-key block cipher that was proposed as one of the AES candidates. Although any weakness of RC6 in the use of the confidentiality is not known, Saarinen pointed out the existence of almost equivalent keys in RC6 with 176-byte keys. This means that the Davies-Meyer hash function based on RC6 with 176-byte keys is not a good collision-resistance function. However, Saarinen could not find a precise collision of it. In this paper, we propose a practical method for obtaining a collision of the Davies-Meyer hash function based on RC6-32/20/176. In other words, there exist equivalent user supplied keys in RC6-32/20/176, and it is possible to obtain them practically. This means that the essential key space of RC6-32/20/176 is smaller than the space provided by 176-byte keys. Our computer simulation shows that a collision can be found in about 100 minutes. We should notice that the result of this paper does not affect the security of the AES version of RC6 because RC6-32/20/176 discussed in this paper is different from the parameter of the AES version.

This paper devises a sophisticated approach to the performance estimation of an embedded hardware-software codesign system at the architecture level, which intends to optimize the hardware-software configuration in terms of processing time, power dissipation, and hardware cost. A distinctive feature of this approach consists in constructing a performance estimation model proper to each component of an embedded system, such as CPU core, RAM/ROM, cache memory, and application-specific hardware, by taking account of not only the functional performance but also the data transfer. The proposed estimation schemes are incorporated into an existing instruction set simulator, so that the actual performance can be estimated accurately at the architecture level. The experimental results demonstrate that the performance estimation approach enables the precise design decision at the architecture level, which greatly contributes toward enhancing the design ability dedicatedly for mobile appliances.