Re: Plaintext

Andy Church (achurch@dragonfire.net)
Wed, 02 Jul 1997 19:49:45 EDT


>Now... data that is multiply encrypted offers a great deal more protection,
>I imagine... once you find the correct key for the outermost later of
>encryption, the data you have is still encrypted. I don't profess to know a
>lot about encryption, but I would imagine that the encrypted data
>underneath might not be detectable as the proper data.

There's not really much difference between doing that and doing a
single encryption with a longer key. In the former case, you just run
through each key of each encryption level, doing all of them at once:
if (0 == memcmp(known_header, decrypt(decrypt(cipher, key1), key2), len)...

Of course, the other thing all this assumes is that you know the
encryption algorithm. If someone RC5's their data, then exclusive-or's
every byte with 0x3B, you can try every RC5 key possible and you're still
not going to decrypt the message successfully, even though the second
algorithm is hardly "encryption" at all. Even if the exclusive-or was done
first, it still would be considerably more difficult to know that you'd
found what you were looking for. And there are so many different things
you can do to data that don't have to be cryptographically sound that this
sort of "security through obscurity" works when combined with a real
encryption algorithm.

Again, of course, you do have to discount the "hold a gun to his head"
decryption method... ;)

--Andy Church | If Bell Atlantic really is the heart
achurch@dragonfire.net | of communication, then it desperately
www.dragonfire.net/~achurch/ | needs a quadruple bypass.