The symmetric ciphers

Josef Schneider josef at netpage.dk
Tue Sep 10 17:10:15 CEST 2013


On Tue, Sep 10, 2013 at 3:30 PM, Robert J. Hansen <rjh at sixdemonbag.org>wrote:

> > Assuming it takes effort a to break cipher A and effort b to break
> > cipher b, this should result in effort at least max(a, b) needed to
> > break A+B.
>
> Basically, though, it's "this is a naive and unfounded assumption."
>

 Why? Assuming the Keys are not related (e.g. by creating random keys and
then encrypting them both with RSA) this is safer, assuming the attacker
can crack one of the two symmetric ciphers but not RSA.
If you use the same/related Keys for both encryptions and/or the ciphers
don't interact somehow (like when using ROT-13 two times) it is indeed less
secure!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130910/1c32e9d4/attachment.html>


More information about the Gnupg-users mailing list