Re: [OT] Interference by multiple encryption.

* Christian <evil@xxxxxxxxxx> wrote:

> Phil H wrote:
> > I once read a usenet thread discussing this issue - Bruce
> > Schneier posted and said that multiple encryption with
> > the same algorithm could actually weaken the encryption
> > if there was a defect in that algorithm.  He gave
> > an explanation which I can't recall.
> 
> well, at least in "Applied Cryptography" he's saying that
> double/multiple encryption is a way to *increase* security:
> 
> http://friedo.szm.sk/krypto/AC/ch15/15-01.html
> 
> so, if a message is encrypted with different algorithms, each one
> has to be broken (a "defect" has to be found).

doing multiple encryption with the same algo is a bad idea, and it
somehow escapes my personal view of common sense why one would do
that. Phil referred to this example, you referred to the way one can
safely assume one would usually do. f.e. first aes, then serpent, or
whatever, or the other way round; whatever comes first ;-)


> *if* multiple encryption would actually weaken an algorithm, then
> we'd have found new attacks...

i guess we walk a fine line there. i agree to your statement, but an
algo's weakness may offer a faster route to breaking the cypher if a
certain scenario is met, like doing multi enc using the same algo.
speculation on my part, not much else left i think.


i faintly remember that one of these two algos, twofish or blowfish,
is not to be used for large amounts of data, like 200 GB or so. i
don't recall the specifics, only remember that there was some kind of
catch to it. any info on this would be greatly appreciated.


> > You can probably find this thread on google groups if you search
> > for Bruce Schneier's posts - perhaps post a link if you can
> > find it.
> 
> Schneier says "it's fine" ;-)
> -> 380cb79d.5790473@xxxxxxxxxxxxx
> 
> "Use multiple encryption wherever you want: AES + whatever other
> algorithms you choose.  But please let AES be one algorithm."

ack again, different algos -> common sense. in fact, i only know of
multi enc using the same algo in theory, not one single real world
case.


-- 
left blank, right bald
