Cryptanalysis
12-round RC5 (with 64-bit blocks) is susceptible to a differential attack using 244 chosen plaintexts. 18–20 rounds are suggested as sufficient protection.
RSA Security, which has a patent on the algorithm, offered a series of US$10,000 prizes for breaking ciphertexts encrypted with RC5, but these contests have been discontinued as of May 2007. A number of these challenge problems have been tackled using distributed computing, organised by Distributed.net. Distributed.net has brute-forced RC5 messages encrypted with 56-bit and 64-bit keys, and is working on cracking a 72-bit key; as of August 2012, 2.489% of the keyspace has been searched. At the current rate, it will take approximately 200 years to test every possible remaining key, and thus guarantee completion of the project.
Read more about this topic: RC5