1994-05-27 - Re: (fwd) Re: NSA Helped Yeltsin Foil 1991 Coup

Header Data

From: “Perry E. Metzger” <perry@imsi.com>
To: Eli Brandt <ebrandt@jarthur.cs.hmc.edu>
Message Hash: 122525ff522146499c473f19fed1abff599d7a520be84b27259e9a307ca3fecc
Message ID: <9405272110.AA11485@snark.imsi.com>
Reply To: <9405271955.AA21973@toad.com>
UTC Datetime: 1994-05-27 21:11:13 UTC
Raw Date: Fri, 27 May 94 14:11:13 PDT

Raw message

From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 27 May 94 14:11:13 PDT
To: Eli Brandt <ebrandt@jarthur.cs.hmc.edu>
Subject: Re: (fwd) Re: NSA Helped Yeltsin Foil 1991 Coup
In-Reply-To: <9405271955.AA21973@toad.com>
Message-ID: <9405272110.AA11485@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain

Eli Brandt says:
> > Its far simpler to encrypt your message with multiple systems, one
> > after another, than to break it up in the manner you suggest, and the
> > security is in fact better that way than in the manner you suggest.
> Why?  If you XOR-split the message and encrypt each mask differently,
> you are /guaranteed/ that all of the encryption methods must be
> broken to retrieve the original.  If you use repeated encryption,
> this is much harder to prove, and not always true.

You are correct that in extremely weird cases you are screwed. Such
cases are nearly IMPOSSIBLE to produce in practice. Anyone out there
want to claim that DES and IDEA are inverses? I'll bet a lot that they
aren't. Although in THEORY you are correct, in PRACTICE
superencipherment wins.

> There's a result that if you choose the first cipher unwisely,
> you're hosed no matter what you do on top of it.

Again, you have to do something startling stupid. Ordinary use won't
let this happen.