[cryptography] Repeated Encryptions Considered.... ?
marsh at extendedsubset.com
Sun Jun 19 17:36:05 EDT 2011
On 06/18/2011 10:44 PM, Tom Ritter wrote:
> I got in a discussion recently about this, in the specific case of
> NOT using SSL was a reasonable decision. The response was the 'don't
> double encrypt' argument, without any real facts to back it up.
argument against SSL. Tell them that they should use SSL properly and
to your wallet.
People spend too much time thinking about encryption and waay too little
thinking about authentication.
> Applied Crypto shows how it doesn't always provide the security you
> expect it - but it doesn't go so far as to say it *decreases*
If encrypting something again with an unrelated key made the ciphertext
weaker then the attacker could simply do that as part of his attack.
There's the meet-in-the-middle attack with double-DES, which is still an
example of the worst case of it not gaining significant security.
Where it's likely to hurt is where juggling additional code and
additional keys gives additional opportunities for error. It would also
be a mistake to think you've built a strong cipher out of two weak ones.
As long as the keys are truly unrelated and the processing of one block
cipher doesn't leak any information about the other (timing, etc)
wearing a belt does not imply that it's harmful to also wear suspenders.
More information about the cryptography