
Question

Inspired by "Guarding against cryptanalytic breakthroughs: combining multiple hash functions", I am curious if there is a cryptographic reason to use only one algorithm during encryption.

For example, start with Blowfish, move to AES, switch to DES, etc., in a defined, but semi-unpredictable fashion (maybe basing which one to choose next off the last 4 bits of the most-recently-encrypted block's original plaintext).

Would changing algorithm (but keeping the key identical, for sake of argument) have any cryptographic value? Could such a scheme be more resilient to cryptanalysis?

Explanation / Answer

Seems to me that it makes it easier on the attacker; that way, if he knows of any weakness in one of the ciphers you use, he can recover that part of the plaintext. And, the fact that "he doesn't know which parts are encrypted by what" doesn't really hinder him, he can guess.

In addition, basing it on the plaintext means that if the attacker knows the plaintext (say, you're transmitting boilerplate), that means that he knows which cipher you're using, and so he doesn't have to guess.

Using the same key for all the ciphers makes things even worse; that means that if he does recover (say) the 56-bit DES key, he then knows 56 bits of your AES key.

Using N different ciphers makes sense only if you're secure if any of them are secure (and there are ways to do that). What you proposed means that you're secure only if they're all secure -- you'd be better off picking one, and sticking with that.
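The contrast in the answer's last paragraph, as an added toy model that is not part of the thread: the three "ciphers" are XOR stand-ins keyed by name (not the real Blowfish, AES or DES), a "broken" cipher is modelled as the attacker holding its block decryptor, and the sample message, key and selector rule are constructed assumptions. Under the question's per-block switching, every block encrypted with a broken cipher is readable even without knowing the schedule (the attacker just tries each decryptor he has); under a cascade, nothing is readable until all three are broken.

```python
import hashlib
from functools import reduce
BLOCK = 8
NAMES = ["blowfish", "aes", "des"]   # labels only: toy stand-ins, not the real ciphers
TEXT_BYTES = set(b"abcdefghijklmnopqrstuvwxyz ,.")
PLAINTEXT = b"we start at nine sharp, move out at once to base"   # constructed, 6 blocks

def toy_cipher(name, key):
    """Stand-in block cipher: XOR with a pad derived from (name, key); returns (enc, dec)."""
    pad = hashlib.sha256(name.encode() + key).digest()[:BLOCK]
    xor = lambda block: bytes(a ^ b for a, b in zip(block, pad))
    return xor, xor                                   # XOR is its own inverse

def blocks(data):
    assert len(data) % BLOCK == 0, "toy model assumes whole blocks"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cipher_schedule(plaintext):
    """Question's selector: cipher 0 first, then the previous block's low 4 plaintext bits choose."""
    names, choice = [], 0
    for blk in blocks(plaintext):
        names.append(NAMES[choice])
        choice = (blk[-1] & 0x0F) % len(NAMES)
    return names

def interleave_encrypt(plaintext, key):
    """Question's scheme: one cipher per block, picked by cipher_schedule."""
    encs = {n: toy_cipher(n, key)[0] for n in NAMES}
    return b"".join(encs[n](b) for n, b in zip(cipher_schedule(plaintext), blocks(plaintext)))

def cascade_encrypt(plaintext, key):
    """Answer's alternative: every block passes through all the ciphers in turn."""
    encs = [toy_cipher(n, key)[0] for n in NAMES]
    return b"".join(reduce(lambda b, enc: enc(b), encs, blk) for blk in blocks(plaintext))

def looks_like_text(block):
    return all(b in TEXT_BYTES for b in block)

def attacker_recovers(ciphertext, key, broken, cascade):
    """Blocks readable with the decryptors of `broken`; schedule unknown, so each is tried (the "guess")."""
    decs = {n: toy_cipher(n, key)[1] for n in NAMES}
    recovered = 0
    for blk in blocks(ciphertext):
        if cascade:                                   # peel the layers he has; a missing one leaves noise
            blk = reduce(lambda b, n: decs[n](b) if n in broken else b, reversed(NAMES), blk)
            recovered += int(looks_like_text(blk))
        else:
            recovered += int(any(looks_like_text(decs[n](blk)) for n in broken))
    return recovered
```

With the constructed message the schedule is blowfish, aes, des, blowfish, aes, des, so a broken "des" alone exposes two of the six interleaved blocks, while the cascade with two of three decryptors yields nothing.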