-----BEGIN PGP SIGNED MESSAGE----- - -----BEGIN PGP SIGNED MESSAGE----- In article <199501120502.VAA29808@largo.remailer.net>, Eric Hughes <eric@remailer.net> wrote:
From: cactus@seabsd.hks.net (L. Todd Masco)
I'm wondering: would the strength be increased by using a randomly selected symetric cypher?
Strength is not right aspect. Global risk is reduced, simply because the aggregate cost of a breach is reduced.
Isn't it? If an attacker does not know what cipher is used and breaking each is computationally expensive (though not prohibitively so) doesn't that add extra complexity? IE, if cipher A, B, and C are attackable in large but not prohibitive time, wouldn't an attacker have to spend more cycles to break something that was randomly one of those? I agree that it's not a significantly large jump, but if an attacker has to go through all the possibilities for A, B, before breaking something in C, it seems that there's a small increase in strength (Not being argumentative, really... I understand that this increase in strength isn't enough to warrant any significant effort. Just want to clarify the answer in my mind).
But selecting a single cipher is just as much a fixed policy as a randomly selected one is. Far better to let the user pick a policy, both about sent and accepted ciphers.
Sure. Ideally, a user could say "use A" or "use randomly A, C, or D" or even "use A_x(C_x) or B_x(D_y)". I'm not certain the "accept" is a great idea, but what the hell... any theoretical general system should have support for such a decision to be made, right? As failure modes multiply...
I guess this reduces to: do strong cyphers have "signatures" of some sort, by which the type of encryption can be derived?
If they do, they're likely not _strong_ ciphers.
Great... that's the answer I was looking for, and what my gut feeling was. I'm trying to determine how much rope is too much for a first pass. Related: is there, in general or in any known specific cases, any loss of security in using sym. cipher A on ciphertext B (of another sym. cipher) with the same key? With different keys (I would think not, but I vaguely remember mention of something here long ago)? - - -- Todd Masco | "life without caution/ the only worth living / love for a man/ cactus@hks.net | love for a woman/ love for the facts/ protectless" - A Rich Cactus' Homepage - -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLxSMSBNhgovrPB7dAQECKQP/fqXwOcRmH6Z5dm8fsDnFzkCNyy5bc7Os +/hWmyjlk6/qx2Ym0gvlIZaxMSVR68E1qQUaoiAaWY7SatskU8o6dZRI+SmON4NV qSZnBh/+TnQwcTK0c0N+4m3Y8GhIk0ERX9modZfadv15Q07yfP7MXEj4yRQOse6e WHmUg0WOhW4= =GedZ - -----END PGP SIGNATURE----- - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLxTHISoZzwIn1bdtAQEUbAGAuX+ALOTHZkUd8vqsWzVZWKSKwnJ+03yW alp18VGBGaM4PLQWU0OAFmbBP8wUxBEz =U5tO -----END PGP SIGNATURE-----