Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Encrypting twice is more secure than encrypting once, even though this may not be clear at first. </p> <p>Intuitively, it appears that encrypting twice with the same algorithm gives no extra protection because an attacker might find a key which decrypts all the way from the final cyphertext back to the plaintext. ... But this is not the case. </p> <p>E.g. I start with plaintext <strong>A</strong> and encrypt with key <strong>K1</strong> it to get <strong>B</strong>. Then I encrypt <strong>B</strong> with key <strong>K2</strong> to get <strong>C</strong>. </p> <p>Intuitively, it seems reasonable to assume that there may well be a key, <strong>K3</strong>, which I could use to encrypt <strong>A</strong> and get <strong>C</strong> directly. If this is the case, then an attacker using brute force would eventually stumble upon <strong>K3</strong> and be able to decrypt <strong>C</strong>, with the result that the extra encryption step has not added any security. </p> <p>However, it is highly unlikely that such a key exists (for any modern encryption scheme). (When I say "highly unlikely" here, I mean what a normal person would express using the word "impossible"). </p> <p>Why?<br> Consider the keys as functions which provide a mapping from plaintext to cyphertext.<br> If our keys are all <strong>KL</strong> bits in length, then there are 2^KL such mappings.<br> However, if I use 2 keys of <strong>KL</strong> bits each, this gives me (2^KL)^2 mappings.<br> Not all of these can be equivalent to a single-stage encryption. </p> <p>Another advantage of encrypting twice, <em>if 2 different algorithms are used</em>, is that if a vulnerability is found in one of the algorithms, the other algorithm still provides some security. </p> <p>As others have noted, brute forcing the key is typically a last resort. An attacker will often try to break the process at some other point (e.g. using social engineering to discover the passphrase). </p> <p>Another way of increasing security is to simply use a longer key with one encryption algorithm. </p> <p>...Feel free to correct my maths!</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload