Is encrypting twice much more secure?
in [Cryptography]
|
Prev: A published list of rare tetragraphs?
Next: A discrepancy in literatures on permutation polynomials
From: Michael B Allen on 12 Jan 2010 14:06 I need to encrypt some data and give the password to an escrow attorney so that only under certain conditions (e.g. dirt nap) a list of beneficiaries will have the ability to recover this data. But I am going to make the encrypted package publicly available along with the source code of the decryption program. So I need the encryption method used to be particularly good. My first thought is to simply encrypt the data multiple times using different algorithms and key sizes (e.g. AES128 -> RC4 -> AES256) using different segments of a randomly generated 32 character alphanumeric password. The rational is that if / when an algorithm is broken, the enclosed encrypted layer would look random and thus not give the attacker any feedback as to their success. They would have to successfully crack all layers simultaneously. Is this reasoning valid? Mike
From: Andrew Poelstra on 12 Jan 2010 14:23 On 2010-01-12, Michael B Allen <ioplex(a)gmail.com> wrote: > I need to encrypt some data and give the password to an escrow > attorney so that only under certain conditions (e.g. dirt nap) a list > of beneficiaries will have the ability to recover this data. But I am > going to make the encrypted package publicly available along with the > source code of the decryption program. So I need the encryption method > used to be particularly good. > > My first thought is to simply encrypt the data multiple times using > different algorithms and key sizes (e.g. AES128 -> RC4 -> AES256) > using different segments of a randomly generated 32 character > alphanumeric password. The rational is that if / when an algorithm is > broken, the enclosed encrypted layer would look random and thus not > give the attacker any feedback as to their success. They would have to > successfully crack all layers simultaneously. Is this reasoning valid? > > Mike My first reaction would be that XOR'ing twice still gets you an XOR - except that the attacker, once he found the key, would be able to decrypt twice as fast as you could encrypt! But I'm not sure how much that applies with multiple algorithms.
From: biject on 12 Jan 2010 15:08 On Jan 12, 12:06 pm, Michael B Allen <iop...(a)gmail.com> wrote: > I need to encrypt some data and give the password to an escrow > attorney so that only under certain conditions (e.g. dirt nap) a list > of beneficiaries will have the ability to recover this data. But I am > going to make the encrypted package publicly available along with the > source code of the decryption program. So I need the encryption method > used to be particularly good. > > My first thought is to simply encrypt the data multiple times using > different algorithms and key sizes (e.g. AES128 -> RC4 -> AES256) > using different segments of a randomly generated 32 character > alphanumeric password. The rational is that if / when an algorithm is > broken, the enclosed encrypted layer would look random and thus not > give the attacker any feedback as to their success. They would have to > successfully crack all layers simultaneously. Is this reasoning valid? > > Mike If your going to use AES anyway why not encrypt pass one with BiCOM that do a BWTS pass followed by a pass of BICOM a second time with new key then a pass of UNBWTS and lastly another BICOM pass with 3rd key. The advantage being each pass bijective so no headers or like stuff added. This would be very secure even if AES is not as string as we think plus the the bijective BWT would mix the data very well. David A. Scott -- My Crypto code http://bijective.dogma.net/crypto/scott19u.zip http://www.jim.com/jamesd/Kong/scott19u.zip old version My Compression code http://bijective.dogma.net/ **TO EMAIL ME drop the roman "five" ** Disclaimer:I am in no way responsible for any of the statements made in the above text. For all I know I might be drugged. As a famous person once said "any cryptograhic system is only as strong as its weakest link"
From: Maaartin on 12 Jan 2010 15:28 > On 2010-01-12, Michael B Allen <iop...(a)gmail.com> wrote: > > I need to encrypt some data and give the password to an escrow > > attorney so that only under certain conditions (e.g. dirt nap) a list > > of beneficiaries will have the ability to recover this data. But I am > > going to make the encrypted package publicly available along with the > > source code of the decryption program. So I need the encryption method > > used to be particularly good. > > > My first thought is to simply encrypt the data multiple times using > > different algorithms and key sizes (e.g. AES128 -> RC4 -> AES256) > > using different segments of a randomly generated 32 character > > alphanumeric password. This for sure is a very bad idea. Have a look at password based encryption and generating multiple keys from a single master key. > > The rational is that if / when an algorithm is > > broken, the enclosed encrypted layer would look random and thus not > > give the attacker any feedback as to their success. They would have to > > successfully crack all layers simultaneously. Is this reasoning valid? Not really, see the end of http://groups.google.com/group/sci.crypt/browse_thread/thread/f7b4b43375df0489 > On 2010-01-12, Michael B Allen <iop...(a)gmail.com> wrote: > My first reaction would be that XOR'ing twice still gets you an XOR - > except that the attacker, once he found the key, would be able to > decrypt twice as fast as you could encrypt! > > But I'm not sure how much that applies with multiple algorithms. Not all ciphers work by xoring, in particular, AES does not. Moreover, even xoring with two keystreams could make the cipher stronger than a single such cipher. This is surely true for some trivial weak ciphers.
From: Sebastian Garth on 12 Jan 2010 16:24
On Jan 12, 11:06 am, Michael B Allen <iop...(a)gmail.com> wrote: > I need to encrypt some data and give the password to an escrow > attorney so that only under certain conditions (e.g. dirt nap) a list > of beneficiaries will have the ability to recover this data. But I am > going to make the encrypted package publicly available along with the > source code of the decryption program. So I need the encryption method > used to be particularly good. > > My first thought is to simply encrypt the data multiple times using > different algorithms and key sizes (e.g. AES128 -> RC4 -> AES256) > using different segments of a randomly generated 32 character > alphanumeric password. The rational is that if / when an algorithm is > broken, the enclosed encrypted layer would look random and thus not > give the attacker any feedback as to their success. They would have to > successfully crack all layers simultaneously. Is this reasoning valid? > > Mike Short answer: probably...but it would likely be overkill. Running the data through, say, a 4096-bit RSA would be more than sufficient. If in doubt, though, just increase the key length. |