If we consider information to be safe if we encrypt it (e.g., text in a file, encrypted with modern strong encryption), would it be safer (as in harder to crack) if we then encrypted the encrypted file, and encrypted the encrypted^2 file, etc.? Is this what strong encryption already does behind the scenes?

  • solrize@lemmy.world
    link
    fedilink
    arrow-up
    14
    ·
    4 months ago

    As people have said, the keys have to be completely independent of each other or else the layering can make the encryption weaker. And, if you’re worried about one of your layers being weak, you shouldn’t be using that layer in the first place.

    I think SSL/TLS actually gained something from this though. The initial key agreement phase generated (from my foggy memory) a “premaster secret”, then hashed it with both SHA-1 and MD5 and combined the two hashes in some way. Those were the two hash algorithms popular in that era. Later on, weaknesses (free collisions) were found in MD5 and even later, in SHA-1. By combining both algorithms, SSL avoided any hint of compromise from those particular hash problems. SSL’s designer Paul Kocher later said he was very glad he had specified using both.

    I would say though, that secure hashing (with a public algorithm and no secrets) has generally been considered a more difficult problem than secret-key encryption or authentication. And SHA1 and MD5 both used design approaches now considered dubious.

    • ryannathans
      link
      fedilink
      arrow-up
      5
      ·
      4 months ago

      Many applications like signal use two layers of encryption. One classical, and one quantum secure.