The symmetric ciphers

Robert J. Hansen rjh at sixdemonbag.org
Thu Oct 31 23:16:07 CET 2013


> I am quite confident the majority of the people don't understand this,
> but they don't need to. Someone can prove whether AES / Twofish / ... /
> combinations of them is a group or not, and can then explain that
> combinations are safer / at least as safe / less safe.

Yes.  But please remember how this entire subthread started.  Someone
proposed stacking ciphers.  I answered that was not guaranteed to
work, and used ROT as an example.

You responded that the only reason it fails with ROT is because ROT
forms a group.  To which I responded with: so what?  To my knowledge
nobody's proven AES does not form a group, either, and incidentally,
let's avoid talk about abstract mathematics because it's unnecessary
to the discussion and only serves to make our conversation opaque to
people who are not mathematicians.

> For non-specialists you can stick with the conclusion: it has been
> proven that X is true or not true without giving details about the proof.

Yes.  And I repeat: you cannot blithely stack ciphers together because
doing so may be harmful to the overall security of the system.  And
that's all that most people on the list need to know, really, without
a side discussion about group theory.

> Any attacker can encrypt my message again with a nonrelated key (and
> only with a nonrelated key since they don't know the key I used). If
> that would make it easier to break AES, then re-encrypting the message
> would be a better-than-pure-brute-force attack on AES.

Yes, I know.  Even if I didn't, you explained it quite well in your
message and I would've learned.

I don't disagree with your conclusion.  I disagree with your *certainty*.
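The ROT example Robert refers to, worked through as an added illustration that is not part of the original thread: because the ROT shifts form a group, two stacked shifts collapse into a single shift, so the number of distinct transformations stays at 26 no matter how many layers are stacked, and a known-plaintext search still needs at most 26 trials. The sample message and the keys 3 and 11 are constructed for the example.

```python
import string

ALPHABET = string.ascii_uppercase


def rot(text: str, k: int) -> str:
    """Shift every uppercase letter by k positions (mod 26); other characters pass through."""
    out = []
    for ch in text:
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + k) % 26])
        else:
            out.append(ch)
    return "".join(out)


def equivalent_single_key(k1: int, k2: int) -> int:
    """ROT-k1 followed by ROT-k2 is exactly the single cipher ROT-(k1+k2 mod 26).

    This closure under composition is what "ROT forms a group" means in
    practice: the stack of two ciphers is itself one ROT cipher.
    """
    return (k1 + k2) % 26


def effective_keyspace(depth: int) -> int:
    """Count the distinct transformations reachable by stacking ROT `depth` times.

    A naive count would be 26**depth; since composition never leaves the
    group, the answer is 26 for every depth >= 1.
    """
    reachable = {0}  # start from the identity shift
    for _ in range(depth):
        reachable = {(r + k) % 26 for r in reachable for k in range(26)}
    return len(reachable)


def recover_key(plaintext: str, ciphertext: str):
    """Known-plaintext search over the 26 single shifts; returns (key, trials)."""
    for k in range(26):
        if rot(plaintext, k) == ciphertext:
            return k, k + 1
    return None, 26


# Constructed sample: stack ROT-3 then ROT-11 on a message.
MESSAGE = "STACKING CIPHERS"
DOUBLE = rot(rot(MESSAGE, 3), 11)
```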
