1998-01-29 - Re: Chaining ciphers

Header Data

From: jim@mentat.com (Jim Gillogly)
To: cypherpunks@Algebra.COM
Message Hash: b861ae43aabe3b155be817d696398f2f2bc599aa844bc84ef94cbbe067052d39
Message ID: <9801291747.AA26773@mentat.com>
Reply To: N/A
UTC Datetime: 1998-01-29 17:57:25 UTC
Raw Date: Fri, 30 Jan 1998 01:57:25 +0800

Raw message

From: jim@mentat.com (Jim Gillogly)
Date: Fri, 30 Jan 1998 01:57:25 +0800
To: cypherpunks@Algebra.COM
Subject: Re: Chaining ciphers
Message-ID: <9801291747.AA26773@mentat.com>
MIME-Version: 1.0
Content-Type: text/plain



Tim May skribis:
> I don't think 3DES is weak, but chaining-in additional ciphers can't hurt.
> (Just a minor slowdown in encipherment speed, presumably not important for
> some critical uses.)

Yes, that's definitely better for high-confidence long-term archival
stuff than relying on one cipher.  Carl Ellison's suggestion was DES |
tran | nDES | tran | DES, where "tran" is an unkeyed large-block
transposition.

One word of caution (which should be obvious, but can't hurt to repeat it):
if you chain ciphers (e.g. DES | IDEA | 3DES | CAST | Blowfish), be sure to
use separate keys for each of them; otherwise breaking the last one will give
the key to the whole lot.

BTW, I went to look this up in the Cyphernomicon (I sorta think it's
reffed in there), but the first 4 sites I saw on Altavista were all
dead-end broken links.  The Web's ripping... what's the current
Preferred URL?

	Jim Gillogly
	Trewesday, 8 Solmath S.R. 1998, 17:22
	12.19.4.15.18, 9 Edznab 16 Muan, Third Lord of Night


	






Thread