-1

Following on from here, I am unconvinced that encrypting twice with RSA is a waste of time: doesn't it depend on what is placed in-between the two encryptions?. What would happen if a permutation was applied at this point? How strong will the encryption be then?

That is, $$f(m^{e_1}\mod n_1)^{e_2} \mod n_2$$

I am not 100% familiar with the RSA algorithm, and so am unsure whether $n$ could stay the same in two different encryptions using different keys, so have used $n_1$ and $n_2$ (perhaps we could have $n_1=n_2$ if this is ok).

To choose $f$, perhaps someone could use something else like a different symmetric algorithm or, even better, have the (symmetric) mapping function sent to the recipient encrypted using the 1st RSA enryption (that way he can change the mapping whenever he wants - even when sending the same message to many recipients).

Community
  • 1
NoOne
  • 113
  • 4

1 Answers1

1

For safer/stronger lets just use the purported bit strength. RSA (the company) says 2048 bit RSA is equivalent to a 112 bit symmetric key. $F$ is basically a substitution cipher. If substituting bytes, there are $256!$ different substitution maps. We could say this has a bit strength of about $1684$. Combined in your method, we now have a strength of $112+1684+112=1908$. So, there you have it, the answer is yes, what you are proposing increases the security.

I though, still would never use what you are proposing. The main reason is that your proposal add unnecessary complexity. RSA-2048 is more than sufficient for anything that I need to do. Furthermore, if it weren't sufficient, I would simply use RSA-4096 (or something larger). Complexity adds vulnerability.

My point then is, if it is going to take the attacker 50 years to break your proposal and only 30 years to break RSA-2048 and my plaintext only has value for 20 years, I'll always choose the simpler of the two. If my plaintext has value for 40 years, then there are other options which are still much simpler than your proposal that will get me what I want and so I will use them instead of your proposal.

So the question then is, if no one is willing to use a stronger proposal, is it really stronger? I'll let you think about that.

mikeazo
  • 38,563
  • 8
  • 112
  • 180
  • I do state what F is (letter replacement algorithm - map). Safer means more difficult to crack. What all of you fail to understand is that I am interested for an encryption method that if I use it in 2013 it would be at some degree certain that it will not be broken until 3015. The fact that a method is considered safe by the general public today is not sth I really care. I need more security than RSA alone can provide. – NoOne Jul 30 '13 at 17:28
  • @NoOne, The problem is the output of RSA is not letters. It is a number. So it is unclear what $F$ really is. Do you mean, for example, take the output 1233 change it to the string "1233" then replace the letters one for one to say "4877"? – mikeazo Jul 30 '13 at 17:31
  • @NoOne Another thing that confused me about $F$ is when you said "break a mapping algorithm of many permutations" – mikeazo Jul 30 '13 at 17:32
  • Imagine we work with bytes and F is a table of bytes of 256 length. Inside it, there are all the numbers in the set [0,255] in random order. Thus F[input character] gives another 'character' in [0,255]. – NoOne Jul 30 '13 at 17:35
  • @NoOne so $F$ is a simple substitution cipher. – mikeazo Jul 30 '13 at 17:36
  • Yes (it could be other things too however)! (The terminology is not sth I remember well :) ). – NoOne Jul 30 '13 at 17:39
  • Anyway... I think I can help myself better! I will mark your answer as correct. Nice answer here: http://crypto.stackexchange.com/a/1971/7803 – NoOne Jul 30 '13 at 17:48