The symmetric ciphers

Robert J. Hansen rjh at
Thu Oct 31 23:16:07 CET 2013

> I am quite confident the majority of the people don't understand this,
> but they don't need to. Someone can prove wether AES / Twofish / ... /
> combinations of them is a group or not, and can then explain that
> combinations are safer / at least as safe / less safe.

Yes.  But please remember how this entire subthread started.  Someone  
proposed stacking ciphers.  I answered that was not guaranteed to  
work, and used ROT as an example.

You responded that the only reason it fails with ROT is because ROT  
forms a group.  To which I responded with: so what?  To my knowledge  
nobody's proven AES does not form a group, either, and incidentally,  
let's avoid talk about abstract mathematics because it's unnecessary  
to the discussion and only serves to make our conversation opaque to  
people who are not mathematicians.

> For non-speciallists you can stick with the conclusion: it has been
> proven that X is true of not true without giving details about the proof.

Yes.  And I repeat: you cannot blithely stack ciphers together because  
doing so may be harmful to the overall security of the system.  And  
that's all that most people on the list need to know, really, without  
a side discussion about group theory.

> Any attacker can encrypt my message again with a nonrelated key (and
> only with a nonrelated key since they don't know the key I used). If
> that would make it easier to break AES then re-encrypting the message
> that would be a better than pure brute force attack on AES.

Yes, I know.  Even if I didn't, you explained it quite well in your  
message and I would've learned.

I don't disagree with your conclusion.  I disagree with your *certainty*.

More information about the Gnupg-users mailing list