double encryption

Volker Gaibler volker.gaibler@urz.uni-heidelberg.de
Tue Jun 11 03:58:01 2002


Hello Andy and Ryan,

On Mon, Jun 10, 2002 at 09:18:34AM -0500, Ryan Malayter wrote:
> Yes, but that's a pretty pointless act with GnuPG... The individual keys
> are almost certainly strong enough already. 

I think you're wrong assuming that the cascaded cipher would be of
"double" strength (that means that key length would increase by a
factor of 2, resulting in a key size of 2*n). There is a classical
example to show this - for symmetric encryption:

A DoubleDES cipher (encrypting two times with SingleDES and two
different keys) has an effective key size of only 1 bit more than
SingleDES. This is not really stronger than the single
encryption - and DES is a really good cipher (only it's key size is much
too small). There are even (theoretical!) examples where cascaded
encryption can weaken a cipher. But that's really theoretical.

So you can be quite sure that double encrypting doesn't help
you much more. Possibly encrypting three times (with two or three
different keys) could improve your effective key size significantly. 

Of course Ryan is right when he says that this all is a pointless act.
Good 128bit ciphers are really strong enough for the next decades even
for intelligence agencies and triple encryption would be complete
overkill and waste of time.

Volker


-- 
 Volker Gaibler                                 contact:
 http://www.volker-gaibler.de                   mail@volker-gaibler.de
 OpenPGP key: 0x86ECAC0B
 get my public key from website above 
+---------------------------------------------------------------------+