Pretty pointless but if i encrypt something with my own cypher (i'll assume it is wrong and bad) then encrypt it with something like AES or another known good cypher would that data be safe?
Logically i开发者_如何学运维 say yes because the top layer is secure. Does anyone know for sure?
Maybe.
The situation that you describe has been analyzed by Maurer and Massey in the paper "Cascade ciphers: The importance of being first", published in Journal of Cryptology, 1993. Here the authors show that a cascade of two ciphers can not be weaker than the first cipher. Note, that this result assumes that the ciphers use independent keys.
They also show somewhat surprisingly that the cascade may not be as strong as the second cipher. The example given in the paper is a little academic and it is in fact somewhat hard to come up with realistic examples. Here is a try:
Assume users of a web page are sending encrypted forms containing some sensitive fields to the server. To make sure that the length of the ciphertext does not leak any information all the choices for the sensitive fields should be formated such that they have the same length. Encrypting plaintexts of the same length with say AES-CBC will always result in ciphertexts of the same length. Now, assume that we insert another encryption step before the AES layer that uses compression. Now suddenly, the ciphertexts will no longer have always the same length, and the length depends on the choices of the user. Specially, if the number of choices are restricted (think voting) this may indeed leak real information.
Of course, in many situation adding another encryption step does not hurt. Just, the conclusion of the paper by Maurer and Massey is that you shouldn't rely on it.
This is only provably true if the keys used by the AES layer and the other layer are distinct and completely unrelated.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论