[362] in Cypherpunks
Double encryption
daemon@ATHENA.MIT.EDU (Eric Hughes)
Mon May 17 12:30:23 1993
Date: Mon, 17 May 93 09:04:05 -0700
From: Eric Hughes <hughes@soda.berkeley.edu>
To: cypherpunks@toad.com
In-Reply-To: Not MY universe! 17-May-1993 0927's message of Mon, 17 May 93 06:47:45 PDT <9305171347.AA19553@enet-gw.pa.dec.com>
Re: group properties of ciphers, speaking of E1 D2 E3 DES mode:
>Back in the early days of DES, it was not known if DES encryption
>followed by another DES encryption formed a group. That's why triple
>DES encryption was designed to use an intermediate DEcryption (not encryption)
That's not at all the reason. One of the properties of groups is that
inverses exist. If an inverse existed to DES encryption, then to
every encryption key K, there would correspond some unique other
encryption key L, such that that encryption by L was the same as
decryption by K. Thus if DES formed a group, mixing inverses would
have no effect.
The reason for the inverses is for backward compatibility. By setting
all the keys equal to each other, its the same as a single DES. If
you encrypt EEE, you can't get backward compatibility since no DES key
yields the identity function.
Eric
