Sunder[SMTP:sunder@sunder.net] writes: On Wed, 30 Apr 2003, Thomas Shaddack wrote:

...

Layer the encryptions then. A good ciphertext looks random. Take a ciphertext and encrypt it again, you get a - say - cipher2text. A decryption of cipher2text with any key then looks like a potential ciphertext.

Is there a hole in this claim?

According to Schneier doing this is a bad idea - (or so I recall from the A.P. book which I've not reread in quite a while - I may be wrong) if you use the same (or similar) cypher. i.e.:

blowfish(blowfish(plaintext,key1),key2) is bad, but rsa(blowfish(plaintext,key1),privatekey) is ok.

[don't top-post] It really depends on the cipher. If the cipher is a group, then case 1 is bad - since

blowfish(blowfish(plaintext,key1),key2) = blowfish(plaintext, key3)

Some ciphers, such as DES, are not groups. This is why double and triple DES are stronger than single DES. Peter Trei