Re: Encrypting again an already encrypted file increase security ?
From: Jerry Coffin (jcoffin@taeus.com)
Date: 02/11/03
- Next message: dave anonymous: "difficulty of determining key used in HMAC-SHA1"
- Previous message: Kevin Buhr: "Re: How to Recognize a Successful Brute Force Attack?"
- In reply to: Sven Fischer: "Encrypting again an already encrypted file increase security ?"
- Next in thread: Ernst-Udo Wallenborn: "Re: Encrypting again an already encrypted file increase security ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Jerry Coffin <jcoffin@taeus.com> Date: Tue, 11 Feb 2003 01:24:24 GMT
In article <b26gl0$q6r$02$1@news.t-online.com>, sven_20@mail.com says...
> Assume I have a file which is already encrypted with lets say a Blowfish tool.
> If I encrypt exactly this file again with another encryption algorithm tool
> (e.g. IDEA or DES or RSA or whatever) does this improve the secureness ?
> Or is the crackability (read: the theoretical probability of being cracking
> within a certain period of time) equal the security/safety of the best of the
> two used encryption methods ? That would mean that applying a less secure
> encryption methdo would NOT improve the security.
This is known as superencipherment, and it's been around for a long
time. In fact most current encryption algorithms are more or less built
around superenciherment internally (several rounds of encryption with
similar algorithms but different keys, passes through several S-boxes
with different contents, etc.)
For superencipherment to do any good, the two ciphers involved must not
form a group. For example, if you use simple XOR encipherment twice
with two different keys, it's equivalent to enciphering once with a
third key, and the attacker can break the cipher by finding the third
key that's equivalent to your two keys -- which means that after finding
the key, the attacker would actually be able to decode your messages
faster than you can yourself using the original keys.
Assuming the ciphers in question are non-trivial, and that you use
separate, independent keys for them, then the result will normally be at
least as strong as the stronger of the two. I.e. the attacker will
normally have to break both ciphers to decrypt your message. Using
ciphers of substantially different internal structures can minimize the
chances of a breakthrough allowing decryption of your messages.
Combining two ciphers of extremely similar structures is less likely to
provide major benefits.
--
Later,
Jerry.
The universe is a figment of its own imagination.
- Next message: dave anonymous: "difficulty of determining key used in HMAC-SHA1"
- Previous message: Kevin Buhr: "Re: How to Recognize a Successful Brute Force Attack?"
- In reply to: Sven Fischer: "Encrypting again an already encrypted file increase security ?"
- Next in thread: Ernst-Udo Wallenborn: "Re: Encrypting again an already encrypted file increase security ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
