## Abstract

The unicity distance of a cascade of random. ciphers, w.r.t. known plaintext attack, is shown to be the sum of the key lengths. A time-space trade-off for the exhaustive cracking of a cascade of ciphers is shown. The structure of the set of permutations realized by a cascade is studied; it is shown that only *l*·2^{ k } exhaustive experiments are necessary to determine the behavior of a cascade of *l* stages, each having *k* key bits. It is concluded that the cascade of random ciphers is not a random cipher. Yet, it is shown that, with high probability, the number of permutations realizable by a cascade of *l* random ciphers, each having *k* key bits, is 2^{ lk }. Next, it is shown that two stages are not worse than one, by a simple reduction of the cracking problem of any of the stages to the cracking problem of the cascade. Finally, it is shown that proving a nonpolynomial lower bound on the cracking problem of long cascades is a hard task, since such a bound implies that *P≠NP.*

## Preview

Unable to display preview. Download preview PDF.

## References

- [S]Shannon, C.E., “Communication Theory of Secrecy Systems,” Bell System J., Vol. 28, 1949, pp. 656–715.Google Scholar
- [DH]Diffie, W., and Hellman, M.E., “Exhaustive Cryptanalysis of the NBS Data Encryption Standard,” Computer, June 1977, pp. 74–84.Google Scholar
- [DES]Data Encryption Standard, National Bureau of Standards,
*Federal Information Processing Standards*, Publ. 46, 1077.Google Scholar - [AB]Asmuth, C.A., and Blakley, G.R., “An Efficient Algorithm for Constructing a Cryptosystem which is Harder to Break than Two Other Cryptosystems,” Comp. & Maths. with Appls., 7, 1081, pp. 447–450.Google Scholar
- [RS]Rivest, R.L., and Sherman, A.T., “Randomized Encryption Techniques,” in
*Advances in Cryptology*,*Proceedings of Crypto**82*, Edited by Chaffin Plenum Press, 1983.Google Scholar - [EG]Even, S., and Goldreich, O., “On the Power of Cascade Ciphers,” Tech. Rep. No. 275, Comp. Sci. Dept., Technion, Haifa, Israel. May 1983.Google Scholar