使用pgp加密两次有什么好处吗? [英] Is there any benefit to encrypting twice using pgp?
问题描述
几年后更新: Rasmus Faber指出,3DES加密被添加以延长DES加密的使用寿命,这被广泛采用。使用相同的密钥加密两次,受到在中间的攻击中的认识而第三次加密确实提供更大的安全性
我知道这更安全只要您使用不同的键。但不要以我的话为由。我不是加密分析师。我甚至不在电视上播放。
我理解为更安全的原因是,您正在使用额外的信息编码(两个键和一个未知数量的键(除非你发布有两个键))。
使用相同键的双加密可以使许多代码更容易破解。我已经听到了一些代码,但是我知道它对于ROT13是正确的: - )
我认为Kerberos使用的安全方案它比一个简单的双重加密更好一个。
他们实际上有一个主密钥,其唯一目的是加密会话密钥,而且全部主密钥用于。会话密钥是用于加密真实流量的会话密钥,其使用寿命有限。这有两个优点。
- 恶作剧没有时间破解会话密钥,因为在他们设法做的时候这些会话密钥不再被使用。
- 同样的邪恶团体没有机会破解主密钥,因为它很少使用(他们需要很多加密的数据包破解密钥)。
但是,正如我所说,用大量的盐。我不为NSA工作。但是,我必须告诉你,即使我为NSA工作。哦,不,你不会容易地破解我,我的漂亮。
半有用的片段: Kerberos(或Cerberus,取决于你的血统)是神话三头的狗,守卫地狱之门,这是一个精心挑选的吉祥物,为该安全协议。那只同样的狗在哈利波特世界被称为蓬松(我曾经有一个女朋友,其大量的德国牧羊犬被称为糖,一个类似的错误的野兽)。
I am asking from a "more secure" perspective. I can imagine a scenario with two required private keys needed for decryption scenarios that may make this an attractive model. I believe it is not adding any additional security other than having to compromise two different private keys. I think that if it was any more secure than encrypting it one million times would be the best way to secure information.
Update a couple of years later: As Rasmus Faber points out 3DES encryption was added to extend the life of DES encryption which had widespread adoption. Encrypting twice using the same key suffers from the Meet in the Middle Attack while encrypting a third time does in fact offer greater security
I understand that it is more secure provided you use different keys. But don't take my word for it. I'm not a crypto-analyst. I don't even play one on TV.
The reason I understand it to be more secure is that you're using extra information for encoding (both multiple keys and an unknown number of keys (unless you publish the fact that there's two)).
Double encryption using the same key makes many codes easier to crack. I've heard this for some codes but I know it to be true for ROT13 :-)
I think the security scheme used by Kerberos is a better one than simple double encryption.
They actually have one master key whose sole purpose is to encrypt the session key and that's all the master key is used for. The session key is what's used to encrypt the real traffic and it has a limited lifetime. This has two advantages.
- Evil dudes don't have time to crack the session key since, by the time they've managed to do it, those session keys are no longer in use.
- Those same evil dudes don't get an opportunity to crack the master key simply because it's so rarely used (they would need a great many encrypted packets to crack the key).
But, as I said, take that with a big grain of salt. I don't work for the NSA. But then I'd have to tell you that even if I did work for the NSA. Oh, no, you won't crack me that easily, my pretty.
Semi-useful snippet: Kerberos (or Cerberus, depending on your lineage) is the mythological three-headed dog that guards the gates of Hell, a well-chosen mascot for that security protocol. That same dog is called Fluffy in the Harry Potter world (I once had a girlfriend whose massive German Shepherd dog was called Sugar, a similarly misnamed beast).
这篇关于使用pgp加密两次有什么好处吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
