Re: Multiple encryption: again, and again, and again...

From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: 08/09/03


Date: Sat, 09 Aug 2003 16:26:59 GMT


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kev wrote:
| So, my question to the experts is: if you're reasonably sure that a
| certain set of ciphers used cumulatively doesn't weaken the overall
| chain, isn't multiple encryption worthwhile (if speed isn't a major
| concern)

No. There are multiple arguments against it

1. Increases size, decreases speed
2. Increases complexity
3. Doesn't provide additional security
4. Can easily mislead newbies as to the uber properties.

Tom
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/NSDVsP+tEsHHY0ARArL7AJsG+9j2pSF4O6g059AxTZr6Y8YqZwCfeX59
kVvswdvPyS35949sN3Mh3S8=
=BBJT
-----END PGP SIGNATURE-----



Relevant Pages

  • Re: Should be in crypto for John E. Hadstate Re: just stupid?
    ... > The end result of a multiple encryption of cipher A, B, and C is the cipher ... The cipher composed of ciphers ... attack on the simple internal structure. ... > should worry cryptologists and potential users of the program. ...
    (sci.crypt)
  • Multiple encryption: again, and again, and again...
    ... The whole issue of multiple encryption seems to be a recurring theme ... Let's say your plaintext is encrypted once with AES. ... force attack won't work against Blowfish, ... By using two ciphers the problem isn't twice at hard - ...
    (sci.crypt)
  • Re: Should be in crypto for John E. Hadstate Re: just stupid?
    ... > My main argument is that the added protocol complexity of using multiple ... > the potential security advantage that multiple ciphers can offer. ... the idea that Multiple Encryption ... Terry Ritter 1.3MB Crypto Glossary ...
    (sci.crypt)
  • Re: Should be in crypto for John E. Hadstate Re: just stupid?
    ... Ritter was cited an as expert by this CryptoSMS fellow. ... >>In practice, the multiple encryption tradeoff ... > needs to analyzed as if it was one (not a cascade of ciphers) cipher. ...
    (sci.crypt)
  • Re: L14 algorithm/source update ........
    ... |>I do apologise, but it was necessary for me to make a very minor ... Other than "block ciphers suck and stream ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ...
    (sci.crypt)