# The symmetric ciphers

Robert J. Hansen rjh at sixdemonbag.org
Thu Oct 31 22:36:08 CET 2013

> Playing Captain Obvious:

Excellent!  Let's play more.

> - \forall {A,B \in G} --> A X B \in G: G is closed.

What's this "\forall" and "\in"?  I don't understand.  Are those HTML
entity codes that my email client isn't presenting properly?

... Or, in other words, your very first line assumes a level of
mathematical knowledge that the overwhelming majority of people lack:
namely, the abilities of understanding mathematical notation and TeX.
property: a lot of people are going to conflate associativity with
commutativity.

Abstract mathematics is the sort of thing that needs to be avoided at
all costs when giving explanations to non-specialists.  It just
doesn't work.

> I don't doubt that. I assumed (yes I know, assumption is the mother of
> all fuckups) that these things were analyzed during the long
> cryptanalysis the algorithms in gpg have had.

Quite possibly not, as whether AES is a group has absolutely no
bearing on how easy it is to break AES -- only on whether AES can be
used in composition, which is not particularly high priority.

The reason why the cryptanalytic community looked into whether DES
forms a group is because the 56-bit keyspace was too short and we
critically needed a way to compose DES into a stronger algorithm.
That's not the case with AES.

A quick search of Google Scholar does not turn up any articles about
whether AES forms a group.  I don't know one way or another.  My
suspicion is that it does not, but I'm not willing to trust that
suspicion.

> Did no one research something like 3AES yet?

Not to my knowledge.

> However, encrypting a message with AES with key1 and then encrypting it
> again with key2 (key1 unrelated to key2) can't make it less secure since
> any attacker can encrypt the intercepted encrypted message again with
> little effort.

Beware of saying "can't" unless you've got a formal mathematical proof