Re: Is encrypting twice much more secure?



Peter Fairbrother wrote:

I don't know about screwing up the implementation, which could do
horrible things - but yes, there is established theory that multiple
encryption with statistically independent keys is at least as secure as
the first encryption, see:

M. Maurer and J. L. Massey, Cascade ciphers: The importance of being
first, Journal of Cryptology, vol. 6, no. 1, pp. 55–61, 1993.

www.isiweb.ee.ethz.ch/archive/massey_pub/pdf/BI434.pdf

so if one pass is secure enough you're okay.

(I have a tiny doubt about their result, which I've been working on for
some years now - but in practice it won't mean much even if it pans out)

Wouldn't an 'definition' of 'statistically independent keys' (not very
simple to verify absolutely in practice, I surmise) by itself
('logically') imply that the 2nd cipher couldn't weaken the work of the
1st cipher? (For in the other case one could say then that the keys
aren't 'independent' after all.)

When your work bears fruit, please let us know as soon as possible, for
that would be very interesting and valuable.

M. K. Shen
.



Relevant Pages

  • Re: Break This
    ... I'd guess that you're trying to ascertain if your cipher is ... > against your attackers? ... > engineer your encryption algorithm, they'll try and stick a trojan on ... This is I think the only secure way. ...
    (sci.crypt)
  • Re: An Unblinkered Analysis.
    ... A cipher can be secured by a random key-set with the caveat that the ... once in the encryption of a particular message. ... due to re-use of a portion of the key) secure by splitting it into ... My Crypto code ...
    (sci.crypt)
  • Re: Is encrypting twice much more secure?
    ... Sometimes it's more secure. ... This is unreliable unless you get all the details right, and triple encryption is usually needed to double the effective keysize. ... The combination should have been analysed, as well as the single cipher - it can make things worse, not better, if you eg adapt 3-DES to use a different cipher. ... We generally assume, on statistical grounds but with no actual proof, that this is at least as secure as either one of the ciphers (when the keys are independently chosen at random) - it may be less, but that's unlikely if the ciphers are carefully chosen. ...
    (sci.crypt)
  • Re: No Shared Cipher Problem
    ... How to troubleshoot problems accessing secure Web pages with Internet ... Your browser is unable to negotiate a security level which satisfies the ... of encryption (the cipher suites supported by this site are listed above). ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Unbreakable Encryption ? Scenarios - What encryption method would be best?
    ... DES is a well-known algorithm so there are good reasons to have a good ... > risk it by storing one of the best possible passwords (or encryption ... > Ok lets say there will be a secure channel but it will happen only ... > because the decrypting method yielded a plain text message and vice ...
    (sci.crypt)