Re: Encrypting again an already encrypted file increase security ?

From: Alun Jones (alun@texis.com)
Date: 02/11/03


From: alun@texis.com (Alun Jones)
Date: Tue, 11 Feb 2003 20:30:56 GMT

In article <1gb2a.10$As2.387@paloalto-snr1.gtei.net>, Barry Margolin
<barry.margolin@level3.com> wrote:
>But I'm not a cryptologist, so that's just from my general understanding of
>cryptography. Perhaps if you asked in sci.crypt you would get a more
>informed answer from real cryptologists.

I hope Eric Rescorla won't mind if I quote verbatim from his "SSL and TLS"
book:

"Because DES has withstood such aggressive analysis, when the key length
became too short a very attractive prospect was just to run the data through
more than once, a process called superencryption. Unfortunately, just using
DES twice (2DES) turns out not to be that much more secure than DES. There's
an attack called the meet-in-the-middle attack that allows you to break 2DES
in the same time as DES if you have 2^56 blocks of memory to work with. As a
consequence, people were forceed to encrypt the data three times (3DES). 3DES
has an effective strength of 112 bits, the strength that you would naively
expect 2DES to have."

There's an obvious note to make, that doubly encrypting something may be less
secure than singly encrypting it, depending on the algorithm in use. Let's
say, for instance, that your algorithm is "add the key to each character,
modulo 256". So, say you encrypt once with the key 192, then again with the
key 64. End result, you've produced an output that matches exactly the
original text. As to whether doubly encrypting is better than singly
encrypting (let alone doubly better), you'd have to analyse the particular
algorithm chosen to say whether that's true.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]

-- 
Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place   | http://www.wftpd.com or email alun@texis.com
Cedar Park TX 78613-1419  | VISA/MC accepted.  NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for XP/2000/NT.


Relevant Pages

  • Re: FUD about CGD and GBDE
    ... And Roland made the algorithm you use for encrypting your disk ... isn't someone cracking AES but key management issues. ...
    (freebsd-hackers)
  • Re: CryptoAPI and private key /not public/ encryption with CryptEncrypt - can not use CryptHash* fun
    ... >> decrypting with public key. ... > cryptography providers. ... Encrypting with the private key is equivalent to signing. ...
    (microsoft.public.platformsdk.security)
  • Re: How to import a key to the crypto context ?
    ... Are you using Windows XP and later? ... > I need to encrypt a file using DES algorithm. ... the crypto context to do encryption using CryptEncryptfunction? ... actuall key required for encrypting a file using DES algorithm. ...
    (microsoft.public.platformsdk.security)
  • Re: Indentifying crpytography algorithm
    ... Please help me list ways of "Indentifying crpytography algorithm" ... hope for an all ARC4 method of keying, encrypting, and authenticating. ... No. Pubkeybreaker is correct for properly encrypted messages. ... An example would be an IV/Counter for using with AES-CTR: ...
    (sci.crypt)
  • Re: Password encoding
    ... "ccrypt is a utility for encrypting and decrypting files and streams." ... > rently DES if it is available, or MD5 if not. ... > How the salt is used will depend upon the algorithm for the hash. ...
    (FreeBSD-Security)