Super-Encryption

[Ben Laurie]

mlong at bridgetonconsulting.com wrote:
> Quoting Ben Laurie <ben at algroup.co.uk>:
> 
> 
>>I don't see any value added by cipher1 - what's the point?
> 
> 
> The message is encrypted, i.e, cipher1, then cipher1 is encrypted yeilding 
> cipher2.
> 
> Since symmetric_key1 of cipher1 is RSA_Encrypt(sender's private key), access 
> to sender's public key can decrypt cipher1(must be *this* sender).
> 
> Since symmetric_key2 of cipher2 is RSA_Encrypt(receiver's public key), only 
> the receiver can decrypt cipher2.
> 
> As was pointed out to me, the process of decrypting cipher2, yields an 
> encrypted message, i.e., cipher1, that can forwarded on behalf of the original 
> sender. This is not necessarily undesirable.  However, SHA1(message) is to 
> ensure that cipher1 has not be altered in transport.  Therefore, the receiver 
> knows three items.
> (1) The sender who originated the message.
> (2) The receiver is the intended receiver.
> (3) The message was not altered during transport.

Yes, but you could know all this from cipher2 and RSA of SHA1(message), 
so I still don't see what value is added by cipher1.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com