I would like to ask people who understand cryptography the following question, because I am not very strong in such matters.

Suppose we have some source data 128 bits in size. I encrypt it with AES-256 using the key key1, and then the resulting ciphertext is encrypted again with the same AES-256 but, for more security, with another key, key2.

Does this mean that the resistance of encrypted information to hacking has become 2 times higher?

  • As far as I can imagine, the resistance will increase by even more than a factor of two. I will cite as an example ru.wikipedia.org/wiki/… . When decrypting, the decryptor looks for candidates that produce a normal set of words. But in fact, he needs to look for a candidate that, after another decryption, will turn into a normal set of words. It turns out that the complexity does not double, but is squared. But I'm not sure. - kandi
  • 5
    You are asking in the wrong place. Read the article for a start (you are dangerously incompetent in cryptography), and understand that with a naive approach (“the key is twice as long, so twice as much”) you can miscalculate. - VladD

2 answers

In essence, yes: an attacker will have to find both keys in order to decrypt the original message, because initially it was 2^256, and another 2^256 was added, resulting in 2^512. I just don't understand why you need it. A 256-bit key cannot be broken by brute force, so it makes no sense to increase it.

  • 5
    Wouldn't it be like some third key? Original * Key1 * Key2 = Original * Key3? - Kromster 2:19 pm
  • @KromStern, I don't know, and Google doesn't seem to know either. Apparently few people have worked on this yet, or there are no results. If you want to google it yourself, you should look for "functional composition group". If AES forms such a group, then yes, this trick will not work. But at the moment, it seems, it is not known whether AES forms a group or not. For DES it is known. But it became known many years after DES became the standard. Apparently not enough time has passed for such a study of AES. - ixSci

It is not necessary to go through both keys separately, since the “meet-in-the-middle” method can be applied to double encryption.

A brief description follows. We have two texts: unencrypted (PT) and encrypted (CT). We start trying keys by brute force. With each key we encrypt the unencrypted text (we get PTX) and decrypt the ciphertext (we get CTX). The results are stored. We try the next key, and so on. At each iteration, we check whether the resulting PTX matches one of the previously stored CTX values, or the resulting CTX matches one of the previously stored PTX values. If a match is found, we have immediately found both keys. Thus, to find two 256-bit keys by brute force, we need a maximum of 2^257 encryption/decryption operations, and not 2^512 at all.
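
The search described in this answer, as an added example that is not part of the original post: a toy 32-bit Feistel cipher with 12-bit keys stands in for AES-256 so the loop finishes instantly, and the cost stays at 2 operations per key tried rather than growing to the square of the key space. All names, keys and plaintexts are constructed for illustration; a second known plaintext/ciphertext pair is assumed so that chance collisions in the middle value can be rejected.

```python
import hashlib

KEY_BITS = 12   # toy key size so the search finishes instantly (AES-256: 256)
ROUNDS = 4

def _f(key, rnd, half):
    # Feistel round function: 16 bits derived from key, round and half-block
    data = bytes([rnd]) + key.to_bytes(2, "big") + half.to_bytes(2, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:2], "big")

def encrypt(key, block):
    l, r = block >> 16, block & 0xFFFF
    for rnd in range(ROUNDS):
        l, r = r, l ^ _f(key, rnd, r)
    return (l << 16) | r

def decrypt(key, block):
    l, r = block >> 16, block & 0xFFFF
    for rnd in reversed(range(ROUNDS)):
        l, r = r ^ _f(key, rnd, l), l
    return (l << 16) | r

def double_encrypt(k1, k2, block):
    return encrypt(k2, encrypt(k1, block))

def meet_in_the_middle(pt, ct, pt2, ct2):
    """Return ((k1, k2), cipher_ops) for ct = E_k2(E_k1(pt))."""
    fwd, bwd, ops = {}, {}, 0   # fwd: E_k(pt) -> keys, bwd: D_k(ct) -> keys
    for k in range(1 << KEY_BITS):
        ptx, ctx = encrypt(k, pt), decrypt(k, ct)
        ops += 2
        fwd.setdefault(ptx, []).append(k)
        bwd.setdefault(ctx, []).append(k)
        # A shared middle value gives candidate pairs; a second known pair
        # filters out chance collisions (verification not counted in ops).
        cands = [(k, k2) for k2 in bwd.get(ptx, [])]
        cands += [(k1, k) for k1 in fwd.get(ctx, [])]
        for k1, k2 in cands:
            if double_encrypt(k1, k2, pt2) == ct2:
                return (k1, k2), ops
    return None, ops

def demo():
    # Constructed sample keys and plaintexts, not from the original post
    k1, k2 = 0x3A7, 0xC15
    pt, pt2 = 0x12345678, 0x9ABCDEF0
    return meet_in_the_middle(pt, double_encrypt(k1, k2, pt),
                              pt2, double_encrypt(k1, k2, pt2))

if __name__ == "__main__":
    keys, ops = demo()
    print(keys, ops, "operations; exhaustive pair search:", 1 << (2 * KEY_BITS))
```

The price of the shortcut is memory: both tables grow by one entry per key tried, which is what keeps the same search out of reach for real 256-bit keys.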