Re: Should be in crypto for John E. Hadstate Re: just stupid?
From: BRG (brg_at_nowhere.org)
Date: Tue, 09 Aug 2005 00:43:56 +0100
Terry Ritter wrote:
>>My main argument is that the added protocol complexity of using multiple
>>ciphers carries a potential security cost that has to be weighed against
>>the potential security advantage that multiple ciphers can offer.
> While "added protocol complexity" might be an
> argument against selecting from a wide range of
> ciphers, as I advocate, it has little to do
> with Multiple Encryption. One could pre-select
> which ciphers were to be used, in which case
> there would be no selection protocol. But
> there would be added redundancy.
Ok, call it extra implementation complexity if you wish.
> Moreover, the idea that Multiple Encryption
> is no advantage contains the assumption that
> the alternative single cipher is secure. But
> that is not known. Cryptanalysis does not
> tell us that. So there is and can be no value
> to "weigh against." Implying otherwise is not
> an argument, it is belief. It is wishes and
> hopes, and if that were sufficient, we would
> not need cryptography at all.
Who said that multiple encryption carries no advantge?
>>And in my experience the balance of advantage for common applications
>>lies with the simpler single algorithm approach.
> Of course, unless you are an opponent, you
> could not know about "the balance of advantage."
The extent to which I can have confidence in my assessment of the
balance of advantge does indeed depend on how much I know about the
capabilities of the opponent.
In most _common_ situations I will know enough about their capability to
make a high confidence assessment of this (albeit not a perfect one).