double encryption - One Time Pad The 2019 Stack Overflow Developer Survey Results Are In“Padless” One-time-Pad encryptionHave these compositions of block ciphers the same security?One-time pad mistake in the transmission?OTP same message encrypted twice (with different keys)Breaking One Time Pad with CCAOne-time pad using RSA and Diffie-Hellman functionsDoes sending the same message with 2 different keys in OTP leak information?One Time Pad Alphabet SizeSafely using ciphers that take small key sizesIs one time pad cipher reuse and random key secure?

The difference between dialogue marks

How to deal with fear of taking dependencies

What does "fetching by region is not available for SAM files" means?

Is flight data recorder erased after every flight?

Time travel alters history but people keep saying nothing's changed

Is bread bad for ducks?

Does the shape of a die affect the probability of a number being rolled?

Resizing object distorts it (Illustrator CC 2018)

If a Druid sees an animal’s corpse, can they wild shape into that animal?

What do the Banks children have against barley water?

Why did Acorn's A3000 have red function keys?

How to obtain Confidence Intervals for a LASSO regression?

Scaling a graph of a circle and the standard parabola in TikZ

Why isn't airport relocation done gradually?

How to type this arrow in math mode?

Is there any way to tell whether the shot is going to hit you or not?

Aging parents with no investments

What did it mean to "align" a radio?

Origin of "cooter" meaning "vagina"

Can someone be penalized for an "unlawful" act if no penalty is specified?

Did Section 31 appear in Star Trek: The Next Generation?

Write faster on AT24C32

What tool would a Roman-age civilization have for the breaking of silver and other metals into dust?

Can you compress metal and what would be the consequences?



double encryption - One Time Pad



The 2019 Stack Overflow Developer Survey Results Are In“Padless” One-time-Pad encryptionHave these compositions of block ciphers the same security?One-time pad mistake in the transmission?OTP same message encrypted twice (with different keys)Breaking One Time Pad with CCAOne-time pad using RSA and Diffie-Hellman functionsDoes sending the same message with 2 different keys in OTP leak information?One Time Pad Alphabet SizeSafely using ciphers that take small key sizesIs one time pad cipher reuse and random key secure?










1












$begingroup$


Can the security of the encryption system be improved by using double encryption with two randomly chosen keys?



By double encryption I mean using two keys K1 and K2, each 20-bit long, to obtain ciphertext $C = ( M ⊕ K_1 ) ⊕ K_2$.










share|improve this question









New contributor




Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







$endgroup$







  • 1




    $begingroup$
    An ideal one time pad already has perfect security, you can't just get twice as perfect. The second layer doesn't add much.
    $endgroup$
    – Natanael
    2 hours ago






  • 1




    $begingroup$
    I don't see how enumerating the key values makes any difference for the one-time pad. Even a single bit key for a single bit message would be secure.
    $endgroup$
    – Maarten Bodewes
    1 hour ago











  • $begingroup$
    @MaartenBodewes Yeh, you're right.
    $endgroup$
    – Paul Uszak
    38 mins ago















1












$begingroup$


Can the security of the encryption system be improved by using double encryption with two randomly chosen keys?



By double encryption I mean using two keys K1 and K2, each 20-bit long, to obtain ciphertext $C = ( M ⊕ K_1 ) ⊕ K_2$.










share|improve this question









New contributor




Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







$endgroup$







  • 1




    $begingroup$
    An ideal one time pad already has perfect security, you can't just get twice as perfect. The second layer doesn't add much.
    $endgroup$
    – Natanael
    2 hours ago






  • 1




    $begingroup$
    I don't see how enumerating the key values makes any difference for the one-time pad. Even a single bit key for a single bit message would be secure.
    $endgroup$
    – Maarten Bodewes
    1 hour ago











  • $begingroup$
    @MaartenBodewes Yeh, you're right.
    $endgroup$
    – Paul Uszak
    38 mins ago













1












1








1





$begingroup$


Can the security of the encryption system be improved by using double encryption with two randomly chosen keys?



By double encryption I mean using two keys K1 and K2, each 20-bit long, to obtain ciphertext $C = ( M ⊕ K_1 ) ⊕ K_2$.










share|improve this question









New contributor




Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







$endgroup$




Can the security of the encryption system be improved by using double encryption with two randomly chosen keys?



By double encryption I mean using two keys K1 and K2, each 20-bit long, to obtain ciphertext $C = ( M ⊕ K_1 ) ⊕ K_2$.







one-time-pad multiple-encryption






share|improve this question









New contributor




Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 1 hour ago









Ella Rose

17k44483




17k44483






New contributor




Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 3 hours ago









MinaMina

61




61




New contributor




Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Mina is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 1




    $begingroup$
    An ideal one time pad already has perfect security, you can't just get twice as perfect. The second layer doesn't add much.
    $endgroup$
    – Natanael
    2 hours ago






  • 1




    $begingroup$
    I don't see how enumerating the key values makes any difference for the one-time pad. Even a single bit key for a single bit message would be secure.
    $endgroup$
    – Maarten Bodewes
    1 hour ago











  • $begingroup$
    @MaartenBodewes Yeh, you're right.
    $endgroup$
    – Paul Uszak
    38 mins ago












  • 1




    $begingroup$
    An ideal one time pad already has perfect security, you can't just get twice as perfect. The second layer doesn't add much.
    $endgroup$
    – Natanael
    2 hours ago






  • 1




    $begingroup$
    I don't see how enumerating the key values makes any difference for the one-time pad. Even a single bit key for a single bit message would be secure.
    $endgroup$
    – Maarten Bodewes
    1 hour ago











  • $begingroup$
    @MaartenBodewes Yeh, you're right.
    $endgroup$
    – Paul Uszak
    38 mins ago







1




1




$begingroup$
An ideal one time pad already has perfect security, you can't just get twice as perfect. The second layer doesn't add much.
$endgroup$
– Natanael
2 hours ago




$begingroup$
An ideal one time pad already has perfect security, you can't just get twice as perfect. The second layer doesn't add much.
$endgroup$
– Natanael
2 hours ago




1




1




$begingroup$
I don't see how enumerating the key values makes any difference for the one-time pad. Even a single bit key for a single bit message would be secure.
$endgroup$
– Maarten Bodewes
1 hour ago





$begingroup$
I don't see how enumerating the key values makes any difference for the one-time pad. Even a single bit key for a single bit message would be secure.
$endgroup$
– Maarten Bodewes
1 hour ago













$begingroup$
@MaartenBodewes Yeh, you're right.
$endgroup$
– Paul Uszak
38 mins ago




$begingroup$
@MaartenBodewes Yeh, you're right.
$endgroup$
– Paul Uszak
38 mins ago










3 Answers
3






active

oldest

votes


















4












$begingroup$

The answer is we cannot improve the security of the one-time pad in this manner. Intuitively the reason is that the double one-time pad is just a less efficient one time pad.



The security of the traditional xor-based one-time pad is requires that the key $K$ is chosen uniformly at random for each message and that the key is at least as large as the message.



Because the xor operation is associative, we could re-write the double one-time pad as $C = M oplus(K_1 oplus K_2)$ or $ C = M oplus K$, where $K = K_1 oplus K_2$. Now if $K_1$ and $K_2$ are uniform, it is easy to show that $K$ is also uniform. Assuming the key and the message have length $n$



$P_K[k] = sum_x in 0,1^nP_K_1,K_2[k_1 = x, k_2 = k oplus k_1] = frac12^n$



In other words $K_1 oplus K_2$ could be simply replaced by a single uniform key, therefore $K_1$ is enough. Moreover the double one-time pad is inefficient because it requires two xor operations.




Regarding cascade encryption, Maurer and Massey showed that cascade encryption is as strong as the first cipher. Matthew Green's blog post is a nice (easy to read) summary of multi-encryption security.






share|improve this answer











$endgroup$




















    2












    $begingroup$

    For the one-time-pad the answer is no, since it already achieves information-theoretic security (meaning that the ciphertext is statistically independent from the plaintext).
    So, applying it twice doesn’t add any extra security (and may actually worsen security if the second key is not independent from the first).






    share|improve this answer








    New contributor




    guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.






    $endgroup$




















      0












      $begingroup$

      The intention of a good cipher is to remove all orders and bit arrangements in a plaintext and produce output ciphertext in which there is no distinguishable orders and arrangements obtainable.I mean that the ciphertext should be a uniform distribution.



      By considering this remark, if we have a good encrypted output(means plaintext which is encrypted with a good encryption algorithm ex AES),we can not find bit orders on it and re-encrypting the same output is ineffective and useless. In other words, imposing more security affections on the second encrypted ciphertext based on using the same cipher with another key is not remarkable, However we can not give a global rule for this.



      An obvious example of this cipher types is 2DES (or even 3DES). This cipher, encrypts a plaintext with 2 different keys. Again the security of ciphertext rely on the DES structure. but we should consider that the whole system(2DES or 3DES) is vulnerable to meet-in-the-middle attack and in this situation and also the key space is not the sum of keys( k1+k2).



      Therefore using ciphers in this manner is not more common. but if we want to encrypt a plaintext with two different ciphers with different keys, the whole structure gives more stamina to ciphertext against cryptanalysis.



      And about One-time pad encryption, this cipher has a perfect security, so imposing another encryption with different key is waste of time and resources.






      share|improve this answer











      $endgroup$












      • $begingroup$
        I'm not convinced that reencrypting the output of AES cannot strengthen the ciphertext in case weaknesses are found. For 2DES: even 2DES is more secure than single DES. It is not as strong as it should be given the doubling of the key size (which is actually also true for 3DES, only less so). So I'm finding myself disagreeing with a large portion of the answer (and agreeing with the last two sections).
        $endgroup$
        – Maarten Bodewes
        1 hour ago











      Your Answer





      StackExchange.ifUsing("editor", function ()
      return StackExchange.using("mathjaxEditing", function ()
      StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix)
      StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
      );
      );
      , "mathjax-editing");

      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "281"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: false,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      imageUploader:
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      ,
      noCode: true, onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );






      Mina is a new contributor. Be nice, and check out our Code of Conduct.









      draft saved

      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68685%2fdouble-encryption-one-time-pad%23new-answer', 'question_page');

      );

      Post as a guest















      Required, but never shown

























      3 Answers
      3






      active

      oldest

      votes








      3 Answers
      3






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      4












      $begingroup$

      The answer is we cannot improve the security of the one-time pad in this manner. Intuitively the reason is that the double one-time pad is just a less efficient one time pad.



      The security of the traditional xor-based one-time pad is requires that the key $K$ is chosen uniformly at random for each message and that the key is at least as large as the message.



      Because the xor operation is associative, we could re-write the double one-time pad as $C = M oplus(K_1 oplus K_2)$ or $ C = M oplus K$, where $K = K_1 oplus K_2$. Now if $K_1$ and $K_2$ are uniform, it is easy to show that $K$ is also uniform. Assuming the key and the message have length $n$



      $P_K[k] = sum_x in 0,1^nP_K_1,K_2[k_1 = x, k_2 = k oplus k_1] = frac12^n$



      In other words $K_1 oplus K_2$ could be simply replaced by a single uniform key, therefore $K_1$ is enough. Moreover the double one-time pad is inefficient because it requires two xor operations.




      Regarding cascade encryption, Maurer and Massey showed that cascade encryption is as strong as the first cipher. Matthew Green's blog post is a nice (easy to read) summary of multi-encryption security.






      share|improve this answer











      $endgroup$

















        4












        $begingroup$

        The answer is we cannot improve the security of the one-time pad in this manner. Intuitively the reason is that the double one-time pad is just a less efficient one time pad.



        The security of the traditional xor-based one-time pad is requires that the key $K$ is chosen uniformly at random for each message and that the key is at least as large as the message.



        Because the xor operation is associative, we could re-write the double one-time pad as $C = M oplus(K_1 oplus K_2)$ or $ C = M oplus K$, where $K = K_1 oplus K_2$. Now if $K_1$ and $K_2$ are uniform, it is easy to show that $K$ is also uniform. Assuming the key and the message have length $n$



        $P_K[k] = sum_x in 0,1^nP_K_1,K_2[k_1 = x, k_2 = k oplus k_1] = frac12^n$



        In other words $K_1 oplus K_2$ could be simply replaced by a single uniform key, therefore $K_1$ is enough. Moreover the double one-time pad is inefficient because it requires two xor operations.




        Regarding cascade encryption, Maurer and Massey showed that cascade encryption is as strong as the first cipher. Matthew Green's blog post is a nice (easy to read) summary of multi-encryption security.






        share|improve this answer











        $endgroup$















          4












          4








          4





          $begingroup$

          The answer is we cannot improve the security of the one-time pad in this manner. Intuitively the reason is that the double one-time pad is just a less efficient one time pad.



          The security of the traditional xor-based one-time pad is requires that the key $K$ is chosen uniformly at random for each message and that the key is at least as large as the message.



          Because the xor operation is associative, we could re-write the double one-time pad as $C = M oplus(K_1 oplus K_2)$ or $ C = M oplus K$, where $K = K_1 oplus K_2$. Now if $K_1$ and $K_2$ are uniform, it is easy to show that $K$ is also uniform. Assuming the key and the message have length $n$



          $P_K[k] = sum_x in 0,1^nP_K_1,K_2[k_1 = x, k_2 = k oplus k_1] = frac12^n$



          In other words $K_1 oplus K_2$ could be simply replaced by a single uniform key, therefore $K_1$ is enough. Moreover the double one-time pad is inefficient because it requires two xor operations.




          Regarding cascade encryption, Maurer and Massey showed that cascade encryption is as strong as the first cipher. Matthew Green's blog post is a nice (easy to read) summary of multi-encryption security.






          share|improve this answer











          $endgroup$



          The answer is we cannot improve the security of the one-time pad in this manner. Intuitively the reason is that the double one-time pad is just a less efficient one time pad.



          The security of the traditional xor-based one-time pad is requires that the key $K$ is chosen uniformly at random for each message and that the key is at least as large as the message.



          Because the xor operation is associative, we could re-write the double one-time pad as $C = M oplus(K_1 oplus K_2)$ or $ C = M oplus K$, where $K = K_1 oplus K_2$. Now if $K_1$ and $K_2$ are uniform, it is easy to show that $K$ is also uniform. Assuming the key and the message have length $n$



          $P_K[k] = sum_x in 0,1^nP_K_1,K_2[k_1 = x, k_2 = k oplus k_1] = frac12^n$



          In other words $K_1 oplus K_2$ could be simply replaced by a single uniform key, therefore $K_1$ is enough. Moreover the double one-time pad is inefficient because it requires two xor operations.




          Regarding cascade encryption, Maurer and Massey showed that cascade encryption is as strong as the first cipher. Matthew Green's blog post is a nice (easy to read) summary of multi-encryption security.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 1 hour ago

























          answered 1 hour ago









          Marc IlungaMarc Ilunga

          37817




          37817





















              2












              $begingroup$

              For the one-time-pad the answer is no, since it already achieves information-theoretic security (meaning that the ciphertext is statistically independent from the plaintext).
              So, applying it twice doesn’t add any extra security (and may actually worsen security if the second key is not independent from the first).






              share|improve this answer








              New contributor




              guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
              Check out our Code of Conduct.






              $endgroup$

















                2












                $begingroup$

                For the one-time-pad the answer is no, since it already achieves information-theoretic security (meaning that the ciphertext is statistically independent from the plaintext).
                So, applying it twice doesn’t add any extra security (and may actually worsen security if the second key is not independent from the first).






                share|improve this answer








                New contributor




                guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                Check out our Code of Conduct.






                $endgroup$















                  2












                  2








                  2





                  $begingroup$

                  For the one-time-pad the answer is no, since it already achieves information-theoretic security (meaning that the ciphertext is statistically independent from the plaintext).
                  So, applying it twice doesn’t add any extra security (and may actually worsen security if the second key is not independent from the first).






                  share|improve this answer








                  New contributor




                  guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






                  $endgroup$



                  For the one-time-pad the answer is no, since it already achieves information-theoretic security (meaning that the ciphertext is statistically independent from the plaintext).
                  So, applying it twice doesn’t add any extra security (and may actually worsen security if the second key is not independent from the first).







                  share|improve this answer








                  New contributor




                  guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  share|improve this answer



                  share|improve this answer






                  New contributor




                  guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  answered 1 hour ago









                  guilhermemtrguilhermemtr

                  1214




                  1214




                  New contributor




                  guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.





                  New contributor





                  guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






                  guilhermemtr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.





















                      0












                      $begingroup$

                      The intention of a good cipher is to remove all orders and bit arrangements in a plaintext and produce output ciphertext in which there is no distinguishable orders and arrangements obtainable.I mean that the ciphertext should be a uniform distribution.



                      By considering this remark, if we have a good encrypted output(means plaintext which is encrypted with a good encryption algorithm ex AES),we can not find bit orders on it and re-encrypting the same output is ineffective and useless. In other words, imposing more security affections on the second encrypted ciphertext based on using the same cipher with another key is not remarkable, However we can not give a global rule for this.



                      An obvious example of this cipher types is 2DES (or even 3DES). This cipher, encrypts a plaintext with 2 different keys. Again the security of ciphertext rely on the DES structure. but we should consider that the whole system(2DES or 3DES) is vulnerable to meet-in-the-middle attack and in this situation and also the key space is not the sum of keys( k1+k2).



                      Therefore using ciphers in this manner is not more common. but if we want to encrypt a plaintext with two different ciphers with different keys, the whole structure gives more stamina to ciphertext against cryptanalysis.



                      And about One-time pad encryption, this cipher has a perfect security, so imposing another encryption with different key is waste of time and resources.






                      share|improve this answer











                      $endgroup$












                      • $begingroup$
                        I'm not convinced that reencrypting the output of AES cannot strengthen the ciphertext in case weaknesses are found. For 2DES: even 2DES is more secure than single DES. It is not as strong as it should be given the doubling of the key size (which is actually also true for 3DES, only less so). So I'm finding myself disagreeing with a large portion of the answer (and agreeing with the last two sections).
                        $endgroup$
                        – Maarten Bodewes
                        1 hour ago















                      0












                      $begingroup$

                      The intention of a good cipher is to remove all orders and bit arrangements in a plaintext and produce output ciphertext in which there is no distinguishable orders and arrangements obtainable.I mean that the ciphertext should be a uniform distribution.



                      By considering this remark, if we have a good encrypted output(means plaintext which is encrypted with a good encryption algorithm ex AES),we can not find bit orders on it and re-encrypting the same output is ineffective and useless. In other words, imposing more security affections on the second encrypted ciphertext based on using the same cipher with another key is not remarkable, However we can not give a global rule for this.



                      An obvious example of this cipher types is 2DES (or even 3DES). This cipher, encrypts a plaintext with 2 different keys. Again the security of ciphertext rely on the DES structure. but we should consider that the whole system(2DES or 3DES) is vulnerable to meet-in-the-middle attack and in this situation and also the key space is not the sum of keys( k1+k2).



                      Therefore using ciphers in this manner is not more common. but if we want to encrypt a plaintext with two different ciphers with different keys, the whole structure gives more stamina to ciphertext against cryptanalysis.



                      And about One-time pad encryption, this cipher has a perfect security, so imposing another encryption with different key is waste of time and resources.






                      share|improve this answer











                      $endgroup$












                      • $begingroup$
                        I'm not convinced that reencrypting the output of AES cannot strengthen the ciphertext in case weaknesses are found. For 2DES: even 2DES is more secure than single DES. It is not as strong as it should be given the doubling of the key size (which is actually also true for 3DES, only less so). So I'm finding myself disagreeing with a large portion of the answer (and agreeing with the last two sections).
                        $endgroup$
                        – Maarten Bodewes
                        1 hour ago













                      0












                      0








                      0





                      $begingroup$

                      The intention of a good cipher is to remove all orders and bit arrangements in a plaintext and produce output ciphertext in which there is no distinguishable orders and arrangements obtainable.I mean that the ciphertext should be a uniform distribution.



                      By considering this remark, if we have a good encrypted output(means plaintext which is encrypted with a good encryption algorithm ex AES),we can not find bit orders on it and re-encrypting the same output is ineffective and useless. In other words, imposing more security affections on the second encrypted ciphertext based on using the same cipher with another key is not remarkable, However we can not give a global rule for this.



                      An obvious example of this cipher types is 2DES (or even 3DES). This cipher, encrypts a plaintext with 2 different keys. Again the security of ciphertext rely on the DES structure. but we should consider that the whole system(2DES or 3DES) is vulnerable to meet-in-the-middle attack and in this situation and also the key space is not the sum of keys( k1+k2).



                      Therefore using ciphers in this manner is not more common. but if we want to encrypt a plaintext with two different ciphers with different keys, the whole structure gives more stamina to ciphertext against cryptanalysis.



                      And about One-time pad encryption, this cipher has a perfect security, so imposing another encryption with different key is waste of time and resources.






                      share|improve this answer











                      $endgroup$



                      The intention of a good cipher is to remove all orders and bit arrangements in a plaintext and produce output ciphertext in which there is no distinguishable orders and arrangements obtainable.I mean that the ciphertext should be a uniform distribution.



                      By considering this remark, if we have a good encrypted output(means plaintext which is encrypted with a good encryption algorithm ex AES),we can not find bit orders on it and re-encrypting the same output is ineffective and useless. In other words, imposing more security affections on the second encrypted ciphertext based on using the same cipher with another key is not remarkable, However we can not give a global rule for this.



                      An obvious example of this cipher types is 2DES (or even 3DES). This cipher, encrypts a plaintext with 2 different keys. Again the security of ciphertext rely on the DES structure. but we should consider that the whole system(2DES or 3DES) is vulnerable to meet-in-the-middle attack and in this situation and also the key space is not the sum of keys( k1+k2).



                      Therefore using ciphers in this manner is not more common. but if we want to encrypt a plaintext with two different ciphers with different keys, the whole structure gives more stamina to ciphertext against cryptanalysis.



                      And about One-time pad encryption, this cipher has a perfect security, so imposing another encryption with different key is waste of time and resources.







                      share|improve this answer














                      share|improve this answer



                      share|improve this answer








                      edited 2 hours ago

























                      answered 2 hours ago









                      Arsalan VahiArsalan Vahi

                      1169




                      1169











                      • $begingroup$
                        I'm not convinced that reencrypting the output of AES cannot strengthen the ciphertext in case weaknesses are found. For 2DES: even 2DES is more secure than single DES. It is not as strong as it should be given the doubling of the key size (which is actually also true for 3DES, only less so). So I'm finding myself disagreeing with a large portion of the answer (and agreeing with the last two sections).
                        $endgroup$
                        – Maarten Bodewes
                        1 hour ago
















                      • $begingroup$
                        I'm not convinced that reencrypting the output of AES cannot strengthen the ciphertext in case weaknesses are found. For 2DES: even 2DES is more secure than single DES. It is not as strong as it should be given the doubling of the key size (which is actually also true for 3DES, only less so). So I'm finding myself disagreeing with a large portion of the answer (and agreeing with the last two sections).
                        $endgroup$
                        – Maarten Bodewes
                        1 hour ago















                      $begingroup$
                      I'm not convinced that reencrypting the output of AES cannot strengthen the ciphertext in case weaknesses are found. For 2DES: even 2DES is more secure than single DES. It is not as strong as it should be given the doubling of the key size (which is actually also true for 3DES, only less so). So I'm finding myself disagreeing with a large portion of the answer (and agreeing with the last two sections).
                      $endgroup$
                      – Maarten Bodewes
                      1 hour ago




                      $begingroup$
                      I'm not convinced that reencrypting the output of AES cannot strengthen the ciphertext in case weaknesses are found. For 2DES: even 2DES is more secure than single DES. It is not as strong as it should be given the doubling of the key size (which is actually also true for 3DES, only less so). So I'm finding myself disagreeing with a large portion of the answer (and agreeing with the last two sections).
                      $endgroup$
                      – Maarten Bodewes
                      1 hour ago










                      Mina is a new contributor. Be nice, and check out our Code of Conduct.









                      draft saved

                      draft discarded


















                      Mina is a new contributor. Be nice, and check out our Code of Conduct.












                      Mina is a new contributor. Be nice, and check out our Code of Conduct.











                      Mina is a new contributor. Be nice, and check out our Code of Conduct.














                      Thanks for contributing an answer to Cryptography Stack Exchange!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid


                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.

                      Use MathJax to format equations. MathJax reference.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68685%2fdouble-encryption-one-time-pad%23new-answer', 'question_page');

                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      Are there any AGPL-style licences that require source code modifications to be public? Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?Force derivative works to be publicAre there any GPL like licenses for Apple App Store?Do you violate the GPL if you provide source code that cannot be compiled?GPL - is it distribution to use libraries in an appliance loaned to customers?Distributing App for free which uses GPL'ed codeModifications of server software under GPL, with web/CLI interfaceDoes using an AGPLv3-licensed library prevent me from dual-licensing my own source code?Can I publish only select code under GPLv3 from a private project?Is there published precedent regarding the scope of covered work that uses AGPL software?If MIT licensed code links to GPL licensed code what should be the license of the resulting binary program?If I use a public API endpoint that has its source code licensed under AGPL in my app, do I need to disclose my source?

                      2013 GY136 Descoberta | Órbita | Referências Menu de navegação«List Of Centaurs and Scattered-Disk Objects»«List of Known Trans-Neptunian Objects»

                      Metrô de Los Teques Índice Linhas | Estações | Ver também | Referências Ligações externas | Menu de navegação«INSTITUCIÓN»«Mapa de rutas»originalMetrô de Los TequesC.A. Metro Los Teques |Alcaldía de Guaicaipuro – Sitio OficialGobernacion de Mirandaeeeeeee