Re: Is encrypting twice much more secure?



On Jan 12, 11:06 am, Michael B Allen <iop...@xxxxxxxxx> wrote:
I need to encrypt some data and give the password to an escrow
attorney so that only under certain conditions (e.g. dirt nap) a list
of beneficiaries will have the ability to recover this data. But I am
going to make the encrypted package publicly available along with the
source code of the decryption program. So I need the encryption method
used to be particularly good.

My first thought is to simply encrypt the data multiple times using
different algorithms and key sizes (e.g. AES128 -> RC4 -> AES256)
using different segments of a randomly generated 32 character
alphanumeric password. The rational is that if / when an algorithm is
broken, the enclosed encrypted layer would look random and thus not
give the attacker any feedback as to their success. They would have to
successfully crack all layers simultaneously. Is this reasoning valid?

Mike

Short answer: probably...but it would likely be overkill. Running the
data through, say, a 4096-bit RSA would be more than sufficient. If in
doubt, though, just increase the key length.
.



Relevant Pages

  • Re: Is encrypting twice much more secure?
    ... So I need the encryption method ... the enclosed encrypted layer would look random and thus not ... successfully crack all layers simultaneously. ... then the combined strength is evidently greater than ...
    (sci.crypt)
  • Re: Is encrypting twice much more secure?
    ... the enclosed encrypted layer would look random and thus not ... successfully crack all layers simultaneously. ... data through, say, a 4096-bit RSA would be more than sufficient. ... RSA is pretty useless for actual encryption ...
    (sci.crypt)
  • Re: Is encrypting twice much more secure?
    ... successfully crack all layers simultaneously. ... to MITM attacks? ... And possibly because he's satisfied with the security of one encryption, which even times encryptions doesn't diminish. ...
    (sci.crypt)
  • Re: shred or scrub
    ... very expensive hardware probing to recover the data". ... Encryption uses keys, not passwords. ... decrypt a bulk data confidentiality key. ... As well as supporting passphrase revocation (supposing the encrypted ...
    (comp.os.linux.development.system)
  • Re: cannot retrive documents
    ... Go to the security tab and click advanced. ... Take Ownership of a File or Folder in Windows XP ... To recover encrypted files you will need the original ... encryption certificate or a Recovery Agent from the installation under which ...
    (microsoft.public.windowsxp.general)