Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Multiple encryption
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Importance of the first layer== With the exception of the [[one-time pad]], no cipher has been theoretically proven to be unbreakable. Furthermore, some recurring properties may be found in the [[ciphertext]]s generated by the first cipher. Since those ciphertexts are the plaintexts used by the second cipher, the second cipher may be rendered vulnerable to attacks based on known plaintext properties (see references below). This is the case when the first layer is a program P that always adds the same string S of characters at the beginning (or end) of all ciphertexts (commonly known as a [[Magic number (programming)|magic number]]). When found in a file, the string S allows an [[Kernel (operating system)|operating system]] to know that the program P has to be launched in order to decrypt the file. This string should be removed before adding a second layer. To prevent this kind of attack, one can use the method provided by [[Bruce Schneier]]:<ref>{{cite book |last1=Schneier |first1=Bruce |title=Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in C |date=30 March 2015 |publisher=Wiley Computer Publishing |pages=368 |isbn=9781119096726 |url=https://books.google.com/books?id=VjC9BgAAQBAJ&q=15.8+Combining+Multiple+Block+Algorithms&pg=PA368}}</ref> * Generate a random pad R of the same size as the plaintext. * Encrypt R using the first cipher and key. * [[XOR]] the plaintext with the pad, then encrypt the result using the second cipher and a different (!) key. * [[Concatenate]] both ciphertexts in order to build the final ciphertext. A cryptanalyst must break both ciphers to get any information. This will, however, have the drawback of making the ciphertext twice as long as the original plaintext. Note, however, that a weak first cipher may merely make a second cipher that is vulnerable to a [[Chosen-plaintext attack|chosen plaintext attack]] also vulnerable to a [[Known-plaintext attack|known plaintext attack]]. However, a [[block cipher]] must not be vulnerable to a chosen plaintext attack to be considered secure. Therefore, the second cipher described above is not secure under that definition, either. Consequently, both ciphers still need to be broken. The attack illustrates why strong assumptions are made about secure block ciphers and ciphers that are even partially broken should never be used.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)