Dual cryptography

Question

Dual cryptography

Asked 7 years, 11 months ago

Viewed 373 times

4

A colleague told me that he created an encryption class that implements 4 algorithms:

Tripledescryptoserviceprovider Class

Descryptoserviceprovider Class

Rc2cryptoserviceprovider Class

Rijndaelmanaged Class

He told me that he made, or would make, one encryption on the other, for example:

would receive a text, would encrypt with the first algorithm
would take the encrypted result, and would encrypt with a second algorithm

When I heard this, I found it strange. I had never heard anything like it. I researched some terms in English and found nothing. I wondered if this would be another gambit in trying to create a new encryption, or if it would be something well thought out that would really be hard to break.

I don’t think you’ll be as performative as you have to process two encryptions. Using this technique increases security or the correct is to opt for only one algorithm?

Normal. We also have our own class to encrypt and decrypt and it is not rare that information is encrypted several times. And in this case the algorithm is the same, but executed more than once.

– Reginaldo Rigo

2017/01/04 at 17:34

1 answer

Browser other questions tagged .net cryptography

You are not signed in. Login or sign up in order to post.

by mgibsonbr • **80,631** points · Answer 1 · 2017-03-28T04:47:59+00:00

It’s called cascading encryption (Scade), and is used in real systems (for example, the Truecrypt system offers the option to use up to 3 distinct algorithms - AES, Twofish and Serpent - including in different orders). The idea is that if one or more algorithms are broken in the future, there is a better chance that at least one of them will remain safe, and so the set remains intact.

Note: it is very important that each algorithm be used with a key distinct, generated independently of others. Only otherwise the break of any of them could reveal the key corresponding to the attacker, and then just use this key to decipher the others, without needing to break them too.

On performance, it is actually a slower solution than using a single algorithm, and in the absence of a cryptographic break offers no additional protection from using a single algorithm. It takes a cost/benefit analysis to decide whether to use or not to use, and this varies from case to case. In my personal experience, a 3-layer protected "virtual hard drive" did not degrade performance noticeably, at least to a moderate volume of accesses (the creation of the disk, however, took several hours longer than using a single algorithm).