Re: Should be in crypto for John E. Hadstate Re: just stupid?

From: BRG (brg_at_nowhere.org)
Date: 08/09/05


Date: Tue, 09 Aug 2005 00:43:56 +0100

Terry Ritter wrote:

>>My main argument is that the added protocol complexity of using multiple
>>ciphers carries a potential security cost that has to be weighed against
>>the potential security advantage that multiple ciphers can offer.
>
> While "added protocol complexity" might be an
> argument against selecting from a wide range of
> ciphers, as I advocate, it has little to do
> with Multiple Encryption. One could pre-select
> which ciphers were to be used, in which case
> there would be no selection protocol. But
> there would be added redundancy.

Ok, call it extra implementation complexity if you wish.

> Moreover, the idea that Multiple Encryption
> is no advantage contains the assumption that
> the alternative single cipher is secure. But
> that is not known. Cryptanalysis does not
> tell us that. So there is and can be no value
> to "weigh against." Implying otherwise is not
> an argument, it is belief. It is wishes and
> hopes, and if that were sufficient, we would
> not need cryptography at all.

Who said that multiple encryption carries no advantge?

>>And in my experience the balance of advantage for common applications
>>lies with the simpler single algorithm approach.
>
> Of course, unless you are an opponent, you
> could not know about "the balance of advantage."

The extent to which I can have confidence in my assessment of the
balance of advantge does indeed depend on how much I know about the
capabilities of the opponent.

In most _common_ situations I will know enough about their capability to
make a high confidence assessment of this (albeit not a perfect one).

   Brian Gladman