Re: triple algorithms




Simon Johnson wrote:

Antony Clements wrote:

someone mentioned having a 3-AES style algorithm and then Mr Foolery
mentioned that it should be 3 different algorithms. This begs the question
of wether each layer should have a different mode of operation, irrespective
of algorithm

Despite what other people have told you about home-brew mixing and
matching of algorithms I would advise you don't do this.

AES is secure insofar as nobody has yet found a viable attack for it.
This is true of all good ciphers that are currently fielded.

If you compose them in some home-brew way, you're essentially
creating a new cipher out of a collection of others.

This is bad because rather than using a trusted, well know algorithm,
which has earned it stripes by rounds of repeated analysis, you've
decided to throw all that away by using an cobbled together assembly
of ciphers. There is no guarantee that this composition of ciphers
will be any more secure; it could even be weaker than the original
cipher. Worse still, you're construction is always going to be slower
than the original unbroken cipher.

The above cannot be true. If encrypting the output of an algorithm
with another algorithm using a new key made the resulting ciphertext
easier to decrypt, then double encrypting would be a standard tool
in most codebreaker's arsenals and we would be discussing which
algorithm to double-encrypt with to attack various popular algorithms.

(Encrypting the output of an algorithm with another algorithm using
the *same* key could be very bad, of course, but nobody is proposing
that.)


--
Guy Macon
<http://www.guymacon.com/>

.

Relevant Pages

  • Re: My my, how time flies ...... its been about "1 hour" -- anyone cracked CryptoSMS yet?
    ... > That there is no official algorithm recognized in which several ciphers are ... > test vectors for his encryption goulash. ... ecb test data ... RC4 Algorithm revealed, ...
    (sci.crypt)
  • Re: Algorithms to generate permutations
    ... > Assuming other aspects such as protocol and implementation have been ... algorithm] being broken because the underlying cipher was weak. ... We are talking about future UNKNOWN attacks. ... could shave bits off a dozen ciphers... ...
    (sci.crypt)
  • Re: Algorithm Strength Scale
    ... algorithm, and may not necessarily be possible to convert to the key itself. ... Admittedly, this is a significantly unusual form of attack, but it certainly ... only serves to provide an appearance of thoughtfulness. ... lengths of ciphertexts for different ciphers. ...
    (sci.crypt)
  • Re: Steganography - Encryption challenge
    ... knowing the exact algorithm that produced them. ... (IIRC John Herbster posted a link to the Beale Ciphers ... key dependent. ...
    (borland.public.delphi.non-technical)
  • Re: Cascading different algorithms?
    ... >> algorithm X weakens X, then as the attacker you can bet I'm going ... >> strength is not guarenteed. ... It has never been hard to invent weak ciphers, ... has something like that in secret. ...
    (sci.crypt)