On Jun 18, 2011, at 8:44 PM, Tom Ritter wrote:
> I'm wondering what the general opinion of folks is for repeated
> encryptions - either accidentally or on purpose. Applied Cryptography
> devotes a chapter to it, and I'm more interested in cascades -
> multiple algorithms: RC4 k1(AES k2(plaintext)) . The general opinion
> I've heard is "It's a bad idea, you shouldn't do it" - but I want to
> revisit that.
I think it comes down to my old mentor Larry Kenah's question: what problem are
you trying to solve?
If you don't trust AES, what makes you think that RC4 will fix the problem?
Similarly, if you don't trust RC4 as a good crypto algorithm, why not just use
base64, which is not a good crypto algorithm, either?
Looking at it another way, let's presume you like AES. Let's presume that means
you think there is no better attack on the algorithm than brute force, why
would putting another algorithm on top of it help at all? It just slows things
down.
I presume that you're considering it because there's some nagging part of your
head that says, "but what if...." and you're hedging your bet. But at the end
of the day, it's hard to know what an effective hedge is going to be. Very
rarely is crypto actually broken. It's almost always that the *system* is
broken. Two ciphers create a key management issue, or you use a KDF and then
you've just created a more complex cipher.
If you take a key and run in through a KDF to get two subkeys each passed to a
cipher, it's just a big cipher with a fancy key schedule.
That brings us back to the main question: what problem are you trying to solve?
Jon
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
