From: cactus@seabsd.hks.net (L. Todd Masco)
Strength is not right aspect. Global risk is reduced, simply because the aggregate cost of a breach is reduced.
Isn't it? If an attacker does not know what cipher is used and breaking each is computationally expensive (though not prohibitively so) doesn't that add extra complexity? Suppose that several symmetric ciphers are used and that one of them is broken. You then attempt to break all of the messages; the ones that don't break are presumed to be one of the other ciphers. So it does nothing to improve strength. Note, though, that the _rest_ of the messages remain unbroken. I am assuming that it's unlikely that all of the ciphers will be broken simultaneously. Related: is there, in general or in any known specific cases, any loss of security in using sym. cipher A on ciphertext B (of another sym. cipher) with the same key? With different keys (I would think not, but I vaguely remember mention of something here long ago)? If you use the same key, the size of exhaustive search does not increase. Eric