double encryption

Ryan Malayter rmalayter@bai.org
Tue Jun 11 17:34:09 2002


From: Frank Tobin [mailto:ftobin@neverending.org]=20
>Using the same cipher twice is one thing,=20
>but how about two different ciphers?  At=20
>best, you might get the benefit if twice=20
>the keylength (if you use different keys),=20
>and assuredness that if one cipher breaks,=20
>your message is still safe.

At worst, however, there could be an interaction between the two ciphers
that makes the double-encrypted message far less secure than a single
encrypted message. I believe Schneier's _Applied Cryptography_ warns
against this, but I don't recall if it gives any real-world examples. I
could certainly see where this would be a bad idea with two stream
ciphers.