The symmetric ciphers

Werner Koch wk at
Tue Sep 10 13:45:40 CEST 2013

On Tue, 10 Sep 2013 12:35, pkk at said:
> I wonder if it would be a good idea to have an option to combine
> symmetric ciphers, e.g. users could state a preference list like this:

Which requires more entropy for the two keys and thus creating an
incentive to use a faster and more insure RNG.  Although this
complicates the code a lot and thus creates more opportunities for
exploits.  To rephrase Brooks: Adding too many bits to an already
suitable key makes the security worse.

You would also need a second public keypair to protect the second
symmetric key.  If you don't, the attacker would target the public key
scheme directly - ah well that is in any case the lower hanging fruit.

Again: Nobody is breaking an algorithm (public or symmetric) - they are
going for the code and then maybe for the RNG.  That whole debate about
key lengths is missing the point.  As Robert pointed out, we can't make
any long term estimation on the progress on cipher breaking and new
cipher systems.  Also: Consider what damage may happen if information
leaks in 10 minutes, 10 weeks, or 10 years.  If you are concerned about
10 years, you may better not use a networked computer in the first



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list