> >Yah, /I/ was thinking of encrypting some data with my private key, then
> >encrypting the encrypted data with my public key, but I realized that,
> >instead of doubly-encrypted data, the end result would be the unencrypted
> >data <grin>.
> Okay, so we have obvious examples of where applying a process described as
> "encryption", followed by another process also described as "encryption"
> results in a null encryption - we've also seen (with 2DES) a process
> two encryptions result in significantly less than the expected twice the
> effective key length. This suggests that, without careful analysis, a
> or naive application of encryption followed by more encryption is, at the
> least, not "twice as strong", and at worst, may be less strong, and
> even, in the pathological case, return the plaintext. My point is simply
> encrypting and encrypting again is only worth relying on to be more secure
> than either encryption if the effect of the "double encryption" has been
> analysed in as much depth as either encryption.
> The fact that the pathological examples sound stupid doesn't invalidate
> point.

An interesting example is applying the Caesar cipher twice. This moves
each letter on by 2 * 3 = 6 characters. This has the same strength as a
encryption, just a different key variable.

Andrew Swallow
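
The Caesar observation above, generalised to every pair of shifts, as an added example that is not part of the original posts. The function names and the sample plaintext are constructed for illustration. It checks that any double Caesar encryption equals a single one with key (k1 + k2) mod 26, that 676 key pairs reach only 26 ciphertexts, and that 26 of those pairs return the plaintext unchanged.

```python
import string

ALPHABET = string.ascii_uppercase
SAMPLE = "DOUBLE ENCRYPTION"  # constructed sample plaintext


def caesar(text, key):
    """Shift each A-Z letter forward by `key`; leave other characters alone."""
    return "".join(
        ALPHABET[(ALPHABET.index(ch) + key) % 26] if ch in ALPHABET else ch
        for ch in text
    )


def double_caesar(text, k1, k2):
    """Encrypt with k1, then encrypt the result with k2."""
    return caesar(caesar(text, k1), k2)


def distinct_double_ciphertexts(text):
    """Set of ciphertexts reachable over all 26 * 26 key pairs."""
    return {double_caesar(text, k1, k2) for k1 in range(26) for k2 in range(26)}


def null_pairs():
    """Key pairs whose composition is the identity (plaintext comes back)."""
    return [(k1, k2) for k1 in range(26) for k2 in range(26)
            if double_caesar(ALPHABET, k1, k2) == ALPHABET]


def brute_force(ciphertext, known_plaintext):
    """Recover the effective single key of a double encryption in <= 26 trials."""
    for k in range(26):
        if caesar(known_plaintext, k) == ciphertext:
            return k
    return None


if __name__ == "__main__":
    print(double_caesar(SAMPLE, 3, 3) == caesar(SAMPLE, 6))
    print(len(distinct_double_ciphertexts(SAMPLE)), "ciphertexts from 676 key pairs")
    print(len(null_pairs()), "key pairs act as a null encryption")
    print("effective key for (17, 20):",
          brute_force(double_caesar(SAMPLE, 17, 20), SAMPLE))
```

Because the shifts form a group under composition, the second key adds no work for an attacker: the search space stays at 26 however many layers are stacked.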