Re: Plaintext

Seth D. Schoen (sigma@ishmael.nmh.northfield.ma.us)
Wed, 2 Jul 1997 22:46:32 -0400


> data that is multiply encrypted offers a great deal more protection,
> I imagine ... once you find the correct key for the outmermost layer of
> encryption, the data you have is still encrypted ...

True, and that's why you can't break 3DES in only three times as long
as DES. It would take many times as long by brute force.

If you could identify encrypted cipertexts as "correct", you could just
break the outer cipher by brute force, then the next cipher by brute
force, and so on. So three applications of 56-bit RC5 would be crackable
in three times as long as a single RC5.

If, as in the real world, you can't necessarily tell when you've found
the decryption of any layer but the last layer, breaking a triple 56-bit
RC5 by brute force will take you (2^56)^2, rather than 3, times as long
as breaking a single 56-bit RC5 also by brute force. :-)

-- 
Nothing is more dangerous for man's private morality than the habit of
commanding.  The best man, the most intelligent, disinterested, generous,
pure, will infallibly and always be spoiled at this trade.
            -- Mikhail A. Bakunin (thanks to Rabbi Albert Axelrad)