On Fri, 29 Nov 2013 06:17:31 +0100 Arno Wagner <arno@xxxxxxxxxxx> wrote > The gist is that breaking aes(k1, aes(k2, data)) > takes only twice as long as breaking aes(k3, data), > i.e. adds one bit of entropy and is meanigless security-wise. > > If you have less than the maximum entropy in your keys, > then doing aes(k1+k2, data) doubles the entropy, i.e. > _squares_ the effort needed, up to 2^(number of key bits). > > So, really, do not do this. Thank you for the clarification and the supplied reference. I see now that my suggested method is flawed. I will use LUKS instead; I can then combine the two passphrases and make use of the key strengthening features instead of choosing less security with no header. However I am curious, would my suggestion work with two different ciphers? So twofish(k1, AES(k2, data)) or twofish(k1, Serpent(k2, data) both still plain? Or does the MITM attack still apply in these scenarios. Jackson ____________________________________________________________ South Africas premier free email service - www.webmail.co.za The Simplest Way To Owning Your Own Business http://iib468.ubuntuconnect.com _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
