[120950] in cryptography@c2.net mail archive
Re: Double Encryption Q
daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?Pehr_S=F6derman?=)
Fri Apr 18 16:52:22 2008
Date: Thu, 17 Apr 2008 22:44:03 +0200
From: =?ISO-8859-1?Q?Pehr_S=F6derman?= <Pehrs@kth.se>
To: COMINT <comint@gmail.com>, cryptography@metzdowd.com
In-Reply-To: <afe51f3f0804110730n7542c555ieceaaf8643d6ab89@mail.gmail.com>
There are some situations when this can be dangerous. It's a matter of
implementation. I can directly come up with one trivial scenario that
will end you up in trouble:
Assume that you are using AES-CTR (AES in Counter mode) and do not
change the IV between the two encryptions. In this case you will
correctly encrypt the data, but the second encryption will leave A
unprotected.
/Pehr Söderman
COMINT wrote:
> Quick system scenario:
>
> You have packet [A].
>
> It gets encrypted using an AES algo in a particular mode and we are
> left with [zA].
>
> More data [B] is added to that encrypted packet.
>
> Now I have [zA]+[B] in one packet and I re-encrypt it with the same
> algo/key/mode.
>
> Have I just compromised the security somehow? I wasn't aware of
> anything but something about this double encryption made something
> ring in my mind so I wanted to double check...
>
> Many thanks,
>
> Mr Pink
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
>
>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
