Phil H schrieb:
I once read a usenet thread discussing this issue - Bruce
> Schneider posted and said that multiple encryption with
> the same algorithm could actually weaken the encryption
> if there was a defect in that algorithm. He gave
> an explanation which I can't recall.
well, at least in "Applied Cryptography" he's saying that
double/multiple encryption is a way to *increase* security:
http://friedo.szm.sk/krypto/AC/ch15/15-01.html
so, i if a message is encrypted with different algorithms, each one has
to be broken (a "defect" has to be found).
if it's encrypted with the same algo and a defect is found, i'd say
encryption was not weakened by the (double-) encryption but only the
level of "feeling secure, because i double encrypted" has fallen more
rapidly as expected.
*if* multiple encryption would actually weaken an algotithm, then we'd
have found new attacks...
> You can probably find this thread on google groups if you search for
> Bruce Schneider's posts - perhaps post a link if you can find it.
Schneier says "it's fine" ;-)
-> 380cb79d.5790473@xxxxxxxxxxxxx
"Use multiple encryption wherever you want: AES + whatever other
algorithms you choose. But please let AES be one algorithm."
--
BOFH excuse #361:
Communist revolutionaries taking over the server room and demanding all
the computers in the building or they shoot the sysadmin. Poor misguided
fools.
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
