I am asking from a "more secure" perspective. I can imagine a scenario with two required private keys needed for decryption scenarios that may make this an attractive model. This is to settle an argument. My vote is that it is not adding any additional security other than having to compromise two different private keys. I think that if it was any more secure, then encrypting it one million times would be the best way to secure information, and I don't buy it. So I guess my question becomes: is a two locking mechanism equivalent to another one locking mechanism with a single key?

Update: Forgive me if the answer is obvious but my brain goes dead as I read books on the topic.

+5  A: 

I understand that it is more secure provided you use different keys. But don't take my word for it. I'm not a crypto-analyst. I don't even play one on TV.

The reason I understand it to be more secure is that you're using extra information for encoding (both multiple keys and an unknown number of keys (unless you publish the fact that there's two)).

Double encryption using the same key makes many codes easier to crack. I've heard this for some codes but I know it to be true for ROT13 :-)

I think the security scheme used by Kerberos is a better one than simple double encryption.

They actually have one master key whose sole purpose is to encrypt the session key and that's all the master key is used for. The session key is what's used to encrypt the real traffic and it has a limited lifetime. This has two advantages.

  • Evil dudes don't have time to crack the session key since, by the time they've managed to do it, those session keys are no longer in use.
  • Those same evil dudes don't get an opportunity to crack the master key simply because it's so rarely used (they would need a great many encrypted packets to crack the key).

But, as I said, take that with a big grain of salt. I don't work for the NSA. But then I'd have to tell you that even if I did work for the NSA. Oh, no, you won't crack me that easily, my pretty.

Semi-useful snippet: Kerberos (or Cerberus, depending on your lineage) is the mythological three-headed dog that guards the gates of Hell, a well-chosen mascot for that security protocol. That same dog is called Fluffy in the Harry Potter world (I once had a girlfriend whose massive German Shepherd dog was called Sugar, a similarly misnamed beast).

paxdiablo
See http://en.wikipedia.org/wiki/Meet-in-the-middle_attack
Burly
+6  A: 

It is more secure, but not much. The analogy with physical locks is pretty good. By putting two physical locks of the same type on a door, you ensure that a thief that can pick one lock in five minutes now needs to spend ten minutes. But you might be much better off by buying a lock that was twice as expensive, which the thief could not pick at all.

In cryptography it works much the same way: in the general case, you cannot ensure that encrypting twice makes it more than twice as hard to break the encryption. So if NSA normally can decrypt your message in five minutes, with double encryption, they need ten minutes. You would probably be much better off by instead doubling the length of the key, which might make them need 100 years to break the encryption.

In a few cases, it makes sense to repeat the encryption - but you need to work the math with the specific algorithm to prove it. For instance, Triple-DES is basically DES repeated three times with three different keys (except that you encrypt-decrypt-encrypt, instead of just encrypting three times). But this also shows how unintuitively this works, because while Triple-DES triples the number of encryptions, it only has double the effective key-length of the DES algorithm.

Rasmus Faber
roadrunner breaks everything in milliseconds
Eric
And, seriously, if the NSA wants your data, they'll take you into a dark room and threaten to separate you from your manhood, so to speak. You'd be surprised how quickly they can crack your encryption with that method :-)
paxdiablo
@PAX Decryption by waterboarding?
ojblass
See http://www.schneier.com/blog/archives/2008/10/rubber_hose_cry.html
Pontus Gagge
I guess it's the "easiest approach" method. Put as many locks on your doors as you want but it's useless if the burglars can still break the glass in your windows. And the Mafiosi in the US often found it easier to hijack the armored cars (or trucks) than rob the banks (especially if they were in cahoots with the drivers).
paxdiablo
+1 but the other answer actually outlines cases where the encryption becomes weaker.
ojblass
A: 

WinRAR is VERY secure. There's a case where the government couldn't get into files on a laptop a guy was carrying from Canada. He used WinRAR. They tried to make him give them the password, and he took the 5th. It was on appeal for 2 years, and the courts finally said he didn't have to talk (every court said that during this process). I couldn't believe someone would even think he couldn't take the 5th. The government dropped the case when they lost their appeal, because they still hadn't cracked the files.

elmer
Since when does the government's ability to break encryption have anything to do with how secure the scheme is?
Longpoke
+1  A: 

Encryption with multiple keys is more secure than encryption with a single key, it's common sense.

"My vote is that it is not adding any additional security"

No.

"other than having to compromise two different private keys."

Yes, but you see, if you encrypt something with two ciphers, each using a different key, and one of the ciphers is found to be weak and can be cracked, the second cipher also must be weak for the attacker to recover anything.

Longpoke
+1  A: 

Double encryption does not increase the security.

There are two modes of using PGP: asymmetric (public key, with a private key to decrypt), and symmetric (with a passphrase). With either mode the message is encrypted with a session key, which is typically a randomly generated 128-bit number. The session key is then encrypted with the passphrase or with the public key.

There are two ways that the message can be decrypted. One is if the session key can be decrypted. This is going to be either a brute-force attack on the passphrase or by an adversary that has your private key. The second way is an algorithmic weakness.

If the adversary can get your private key, then if you have two private keys the adversary will get both.

If the adversary can brute-force your passphrase or catch it with a keystroke logger, then the adversary can almost certainly get both of them.

If there is an algorithmic weakness, then it can be exploited twice.

So although it may seem like double encryption helps, in practice it does not help against any realistic threat.

vy32
+1  A: 

The answer, like most things, is "it depends". In this case, it depends on how the encryption scheme is implemented.

In general, using double encryption with different keys does improve security, but it does not square the security, due to the meet-in-the-middle attack.

Basically, the attacker doesn't HAVE to break all possible combinations of the first key and the second key (squared security). They can break each key in turn (double security). This can be done in double the time of breaking the single key.

Doubling the time it takes isn't a significant improvement however, as others have noted. If they can break 1 in 10mins, they can break two in 20mins, which is still totally in the realm of possibility. What you really want is to increase security by orders of magnitude so rather than taking 10mins it takes 1000 years. This is done by choosing a better encryption method, not performing the same one twice.

The wikipedia article does a good job of explaining it.

Burly
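The meet-in-the-middle cost described in the answer above, as an added example that is not part of the original thread: a toy Feistel cipher with a 16-bit key is applied twice with independent keys, and both keys are recovered from two known plaintext/ciphertext pairs in 2 × 2^16 cipher operations plus a 2^16-entry table, instead of 2^32 trials. The cipher, the keys and the plaintexts are all constructed for illustration.

```python
import hashlib

KEY_BITS = 16   # toy key size so the whole search runs in about a second
ROUNDS = 4

def _f(half, key, rnd):
    # Round function: SHA-256 of (key, round, half), truncated to 16 bits.
    data = key.to_bytes(2, "big") + bytes([rnd]) + half.to_bytes(2, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:2], "big")

def encrypt(block, key):
    """Toy 32-bit Feistel cipher, constructed for this example only."""
    left, right = block >> 16, block & 0xFFFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _f(right, key, rnd)
    return (left << 16) | right

def decrypt(block, key):
    left, right = block >> 16, block & 0xFFFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _f(left, key, rnd), left
    return (left << 16) | right

def double_encrypt(block, k1, k2):
    return encrypt(encrypt(block, k1), k2)

def meet_in_the_middle(pairs):
    """Return (candidate (k1, k2) list, cipher ops spent on the two key sweeps)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    middle, ops = {}, 0
    for k1 in range(1 << KEY_BITS):        # forward half: E_k1(p0) for every k1
        middle.setdefault(encrypt(p0, k1), []).append(k1)
        ops += 1
    found = []
    for k2 in range(1 << KEY_BITS):        # backward half: D_k2(c0) for every k2
        ops += 1
        for k1 in middle.get(decrypt(c0, k2), ()):
            # A second known pair weeds out chance collisions in the middle value.
            if all(double_encrypt(p, k1, k2) == c for p, c in rest):
                found.append((k1, k2))
    return found, ops

def demo():
    # Constructed keys and plaintexts; the search sees only the (p, c) pairs.
    k1, k2 = 0xBEEF, 0x1234
    pairs = [(p, double_encrypt(p, k1, k2)) for p in (0x01234567, 0x89ABCDEF)]
    return meet_in_the_middle(pairs)

if __name__ == "__main__":
    found, ops = demo()
    print([(hex(a), hex(b)) for a, b in found], ops, "ops vs", 1 << (2 * KEY_BITS))
```

The price of the shortcut is memory: the table holds one entry per possible first key, which is the practical limit on this approach for real key sizes.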
A: 

Using brute force to break encryption, the only way they know they got the key, is when the document they've decrypted makes sense. When the document is double encrypted, it still looks like garbage, even if you have the right key - hence you don't know you had the right key.

Is this too obvious or am I missing something?

Earl