Jim Gillogly skribis:
One word of caution (which should be obvious, but can't hurt to repeat it): if you chain ciphers (e.g. DES | IDEA | 3DES | CAST | Blowfish), be sure to use separate keys for each of them; otherwise breaking the last one will give the key to the whole lot.
Matthew Ghio rispondis:
Only if the cryptanalyst knows that the decryption of the last one was correct, which shouldn't be possible without also decrypting all the other layers.
If the person strapping those systems together writes them from scratch and the penultimate cipher gives a flat distribution, then I agree 100%. However, many (most?) standalone encryption programs will put a magic number or other identification at the beginning (e.g. encrypted PKZIP) or will do a sanity check that actually tells you whether you've decrypted with the right key, whether you see garbage or not (e.g. EAY's stand-alone 'idea', 'des', etc.). PGP also has distinctive headers, I think. In the world of existing cipher packages it's usually possible to tell what you've got. Assume Kerckhoff's principle, of course: the attacker knows which packages you're using and which order you're doing them in. Jim Gillogly Hevensday, 9 Solmath S.R. 1998, 17:52 12.19.4.15.19, 10 Cauac 17 Muan, Fourth Lord of Night