[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (fwd) Re: NSA Helped Yeltsin Foil 1991 Coup




Jay Prime Positive says:
>    Date: Fri, 27 May 94 18:54 PDT
>    From: [email protected] (Jay Prime Positive)
> 
>    Infact, the birthday paradox just about garantees
>    that the number is less than E1*E2*E3.
> 
> After thinking about it some more, I think I would like to rephrase
> that.  I don't think 2^k is nearly close enough to ((2^k)!)^(1/2) for
> me to say 'garantee'.  But, it is possible for E1*E2*E3 to excede the
> number of permutations of the e1( e2( e3( x ))) system.

Possible, yes. Indeed, I'd say its almost certain that you'll lose
some fraction of a bit of key. I don't lose sleep over fractions of
bits.

In fact, this whole thing is completely silly. If it were possible to,
say, break IDEA by then encrypting the IDEA output with DES using a
key independant from the IDEA key, all an attacker would have to do is
encrypt all IDEA ciphertext he gets with DES and he could break it --
DES then becomes a tool for breaking IDEA. If IDEA is secure, it is
secure against almost all functions (ones selected with knowlede of
the key being the exception) being applied to the ciphertext.

I completely agree that your scheme is in theory more secure. So is a
one time pad. People don't use impractical schemes that actually do
lend real security -- why use one that only adds theoretical security?

If I have a series of encryption functions applied with independent
keys, the only way one can weaken another is if the systems were not
secure in the first place. If one of the systems is secure, no number
of non-secure encryptions applied with random keys is going to ever
weaken it in practice. If it could, that would be the way to break the
secure system, and even used alone it would not be secure.

Perry