ok i know only a little about file encryption, but a thought hit me: if a
file is encrypted, say with Blowfish, could that encrypted file then be
again encrypted with say DES, then that file encrypted with Blowfish or
some other algorithm again? I mean, what it there to prevent a file from
being recursively encrypted, since a file is a file? And wouldn't
recursive encryption make a file almost exponentially secure or encrypted?

Fri, 09 Jun 2006 20:19:59 +0000, Juergen Nieveler inscribed to the
world:

but encrypting a file 16 times with RT13 is no more secure than 4
times, and no less than 256 times.

That just seems to violate time and space, blows my mind, why recursive
encryption would not make it more secure. Is there someway to explain to
me what that is so in a simple way. Sort of like, if you write a secret
message on a piece of paper and fold it up, the number of foldings does
not make it any more secret as long as it is folded from view; ok that
maybe is too simple. I wish I understood this. Well, I just came back from
Barnes and Nobel and picked up a small paperback on basics of
cryptography, will read that, maybe learn something.

Beowulf <beowulf@wayoftheancients.trailwrites:

>ok i know only a little about file encryption, but a thought hit me: if a
>file is encrypted, say with Blowfish, could that encrypted file then be
>again encrypted with say DES, then that file encrypted with Blowfish or
>some other algorithm again? I mean, what it there to prevent a file from
>being recursively encrypted, since a file is a file? And wouldn't
>recursive encryption make a file almost exponentially secure or encrypted?

Sure.
And no, it is not exponentially secure. And it is at a huge expense in
speed of encryption and in length of key. If you use the same key for all
encryptions, then it is not much more secure than a single ecryption, for a
huge cost in time. If you use different key s for each then the effective
key length is n times as long and again the strength gained is as much as
if you used a single encryption designed for that key length.

Beowulf <beowulf@wayoftheancients.trailwrites:

Fri, 09 Jun 2006 20:19:59 +0000, Juergen Nieveler inscribed to the
>world:
>
>but encrypting a file 16 times with RT13 is no more secure than 4
>times, and no less than 256 times.
>

>That just seems to violate time and space, blows my mind, why recursive
>encryption would not make it more secure. Is there someway to explain to
>me what that is so in a simple way. Sort of like, if you write a secret
>message on a piece of paper and fold it up, the number of foldings does
>not make it any more secret as long as it is folded from view; ok that
>maybe is too simple. I wish I understood this. Well, I just came back from
>Barnes and Nobel and picked up a small paperback on basics of
>cryptography, will read that, maybe learn something.

Uh, Rot 13 applied twice gives you back the original. So Rot 13 16times is far less
secure than Rot 13 applied once.

Beowulf <beowulf@wayoftheancients.trailwrites:

Fri, 09 Jun 2006 20:19:59 +0000, Juergen Nieveler inscribed to the
>world:
>
>but encrypting a file 16 times with RT13 is no more secure than 4
>times, and no less than 256 times.
>

>That just seems to violate time and space, blows my mind, why recursive
>encryption would not make it more secure. Is there someway to explain to
>me what that is so in a simple way. Sort of like, if you write a secret
>message on a piece of paper and fold it up, the number of foldings does
>not make it any more secret as long as it is folded from view; ok that
>maybe is too simple. I wish I understood this. Well, I just came back from
>Barnes and Nobel and picked up a small paperback on basics of
>cryptography, will read that, maybe learn something.

Uh, Rot 13 applied twice gives you back the original. So Rot 13 16times is far less
secure than Rot 13 applied once.

Fri, 09 Jun 2006 20:19:59 +0000, Juergen Nieveler inscribed to the
world:

but encrypting a file 16 times with RT13 is no more secure than 4
times, and no less than 256 times.

That just seems to violate time and space, blows my mind, why recursive
encryption would not make it more secure. Is there someway to explain to
me what that is so in a simple way. Sort of like, if you write a secret
message on a piece of paper and fold it up, the number of foldings does
not make it any more secret as long as it is folded from view; ok that
maybe is too simple. I wish I understood this. Well, I just came back from
Barnes and Nobel and picked up a small paperback on basics of
cryptography, will read that, maybe learn something.

Beowulf <beowulf@wayoftheancients.trailwrites:

>ok i know only a little about file encryption, but a thought hit me: if a
>file is encrypted, say with Blowfish, could that encrypted file then be
>again encrypted with say DES, then that file encrypted with Blowfish or
>some other algorithm again? I mean, what it there to prevent a file from
>being recursively encrypted, since a file is a file? And wouldn't
>recursive encryption make a file almost exponentially secure or encrypted?

Sure.
And no, it is not exponentially secure. And it is at a huge expense in
speed of encryption and in length of key. If you use the same key for all
encryptions, then it is not much more secure than a single ecryption, for a
huge cost in time. If you use different key s for each then the effective
key length is n times as long and again the strength gained is as much as
if you used a single encryption designed for that key length.

Juergen Nieveler schrieb:

>And wouldn't recursive encryption make a file almost
>exponentially secure or encrypted?
>
Not necessarily. With most modern systems it shouldn't be a problem,
but encrypting a file 16 times with RT13 is no more secure than 4
times, and no less than 256 times.

The problem of your example is that RT13 isn't a cryptographic cipher.

But there is a good example which additionally is a common cipher with
multiple encryption: Triple DES (uses DES three times: first encryption
with key1 then decryption with key2 and finally encryption with key3).

Jan

There's a lot of math behind this, that I don't know, but I know the
result: It's generally a bad idea behind encrypting something with the
same algorithm twice in a row. The reason is because it might form a
group which "can be collapsed (by some arbitrary key) into a single
application of the same encryption." [1] I think that using a Block
Cipher like AES or DES inbetween a RSA or ELGamal would be okay
though.
But the group thing is something you should look into if you're
considering this.

[1]

Unruh wrote:
Beowulf <beowulf@wayoftheancients.trailwrites:
>
>ok i know only a little about file encryption, but a thought hit me: if a
>file is encrypted, say with Blowfish, could that encrypted file then be
>again encrypted with say DES, then that file encrypted with Blowfish or
>some other algorithm again? I mean, what it there to prevent a file from
>being recursively encrypted, since a file is a file? And wouldn't
>recursive encryption make a file almost exponentially secure or encrypted?
>
Sure.
And no, it is not exponentially secure. And it is at a huge expense in
speed of encryption and in length of key. If you use the same key for all
encryptions, then it is not much more secure than a single ecryption, for a
huge cost in time. If you use different key s for each then the effective
key length is n times as long and again the strength gained is as much as
if you used a single encryption designed for that key length.
--

I am no expert, but it occurs to me that there are two reasons why one
would think to use multiple encryption algorithms for the same plaintext.

1. If a weakness is discovered in one algorithm that allows decryption
without brute-force then the other algorithms may still be secure.

2. Brute-forcing would require a pass for each algorithm.

course, if the specific algorithms used can be mathematically reduced
to one algorithm then as regards point one, only one algorithm need be
"broken", while in regards to point two only one brute-force pass would
be required.

I have no idea if multiple encryption algorithms can be reduced (except
for such related methods as rot-13).

Unruh wrote:
Beowulf <beowulf@wayoftheancients.trailwrites:
>
>ok i know only a little about file encryption, but a thought hit me: if a
>file is encrypted, say with Blowfish, could that encrypted file then be
>again encrypted with say DES, then that file encrypted with Blowfish or
>some other algorithm again? I mean, what it there to prevent a file from
>being recursively encrypted, since a file is a file? And wouldn't
>recursive encryption make a file almost exponentially secure or encrypted?
>
Sure.
And no, it is not exponentially secure. And it is at a huge expense in
speed of encryption and in length of key. If you use the same key for all
encryptions, then it is not much more secure than a single ecryption, for a
huge cost in time. If you use different key s for each then the effective
key length is n times as long and again the strength gained is as much as
if you used a single encryption designed for that key length.
--

I am no expert, but it occurs to me that there are two reasons why one
would think to use multiple encryption algorithms for the same plaintext.

1. If a weakness is discovered in one algorithm that allows decryption
without brute-force then the other algorithms may still be secure.

2. Brute-forcing would require a pass for each algorithm.

course, if the specific algorithms used can be mathematically reduced
to one algorithm then as regards point one, only one algorithm need be
"broken", while in regards to point two only one brute-force pass would
be required.

I have no idea if multiple encryption algorithms can be reduced (except
for such related methods as rot-13).