On Wed, Jul 11, 2001 at 07:24:53PM +0200, peter k. wrote:
> can a known plaintext attack be made impossible by creating 2 loopback
> crypto devices, one on the other one? for example:
>

This boils down to f(k2, f(k1,x)) where x is the known plaintext
and k1 and k2 are the two symmetric keys.

You would need a real cryptographer to answer this question. But
I'll hazard a couple guesses and make a few wild statements:

        1) If there is known plaintext you always decrease
           the security by some small amount.

        2) Good ciphers depend on non-linearities, so even
           a totally known plaintext probably does not hand
           you the original key on a platter.

        3) Encrypting sequentially with two different symmetric
           keys of 256 bits will have an end result that has
           a security of 256 <= equivkeysize <= 512.

Two is a copout that says I haven't a clue if it will make it
better, but I'm certain it won't be worse and it's conceivable
it could be as effective as doubling the keysize and encrypting
once.

This is all just my own mathematical intuition: you really need
a mathematician to give a definitive answer.

--
------------------------------------------------------
Use Linux: A computer        Dale Amon, CEO/MD
is a terrible thing          Village Networking Ltd
to waste.                    Belfast, Northern Ireland
------------------------------------------------------

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
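
Added example, not part of the original message: the construction f(k2, f(k1,x)) with known plaintext, worked through with a generic meet-in-the-middle search to show where in the 256..512 range two stacked keys land when sizing a layered setup. Assumptions: a toy 4-round Feistel cipher with 16-bit keys stands in for a real cipher with 256-bit keys; all names, keys and plaintexts below are constructed for illustration.

```python
import hashlib
from collections import defaultdict

KEY_BITS = 16          # toy key size standing in for 256 bits
MASK16 = 0xFFFF

def _f(key, rnd, half):
    """Feistel round function: keyed hash truncated to 16 bits."""
    data = key.to_bytes(2, "big") + bytes([rnd]) + half.to_bytes(2, "big")
    return int.from_bytes(hashlib.blake2s(data, digest_size=2).digest(), "big")

def encrypt(key, block):
    """Toy 32-bit block cipher with a 16-bit key (hypothetical, not a real cipher)."""
    left, right = block >> 16, block & MASK16
    for rnd in range(4):
        left, right = right, left ^ _f(key, rnd, right)
    return (left << 16) | right

def decrypt(key, block):
    left, right = block >> 16, block & MASK16
    for rnd in reversed(range(4)):
        left, right = right ^ _f(key, rnd, left), left
    return (left << 16) | right

def double_encrypt(k1, k2, block):
    return encrypt(k2, encrypt(k1, block))       # f(k2, f(k1, x))

def meet_in_the_middle(pairs):
    """Return ((k1, k2) candidates, cipher calls spent in the table and lookup phases)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    middle = defaultdict(list)                   # f(k1, x) -> every k1 producing it
    calls = 0
    for k1 in range(1 << KEY_BITS):
        middle[encrypt(k1, p0)].append(k1)
        calls += 1
    found = []
    for k2 in range(1 << KEY_BITS):
        calls += 1
        for k1 in middle.get(decrypt(k2, c0), ()):
            # The remaining known pairs weed out chance matches in the middle.
            if all(double_encrypt(k1, k2, p) == c for p, c in rest):
                found.append((k1, k2))
    return found, calls

# Constructed sample data: keys and known plaintext blocks chosen for this example.
K1, K2 = 0x3A7C, 0xC15E
PLAINTEXTS = [0x00000000, 0x4C554B53, 0xDEADBEEF]
PAIRS = [(p, double_encrypt(K1, K2, p)) for p in PLAINTEXTS]

if __name__ == "__main__":
    found, calls = meet_in_the_middle(PAIRS)
    print(found, calls, "cipher calls vs", 1 << (2 * KEY_BITS), "for exhaustive search")
```

With n-bit keys the search costs about 2^(n+1) cipher operations plus a table of 2^n entries, so against this generic search two stacked keys sit near the lower end of the range given above rather than at 2n bits.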