Rainbow Table vs Multiple Hashes - Does this make sense?

I am completly new to security development!!!!

I am trying to develop a method of saving encrypted data. One method I
have used is to create is to encrypt the data and then encrpt it again
N number of times.

Does this buy me anything, other then a slow process?

Another thought was to do the same, but change the encrtyption methods
between iterations.

Is there any value in these aproaches am I making a stupid mistake?

My biggest problem in the past is finding algorithums that work the
same on both Windows and Lunix.

Re: Rainbow Table vs Multiple Hashes - Does this make sense?

david.leedom@gmail.com writes:
> I am completly new to security development!!!!
>
> I am trying to develop a method of saving encrypted data. One method I
> have used is to create is to encrypt the data and then encrpt it again
> N number of times.
>
> Does this buy me anything, other then a slow process?
>
> Another thought was to do the same, but change the encrtyption methods
> between iterations.
>
> Is there any value in these aproaches am I making a stupid mistake?
>
> My biggest problem in the past is finding algorithums that work the
> same on both Windows and Lunix.

If you're implementing encryption in code, you'll probably get the
best answer from sci.crypt

--
Todd H.
http://www.toddh.net/

Re: Rainbow Table vs Multiple Hashes - Does this make sense?

david.leedom@gmail.com wrote:

> I am completly new to security development!!!!
>
> I am trying to develop a method of saving encrypted data. One method I
> have used is to create is to encrypt the data and then encrpt it again
> N number of times.
>
> Does this buy me anything, other then a slow process?

If you use the same key in all rounds, you gain nothing.

> Another thought was to do the same, but change the encrtyption methods
> between iterations.

No better. Don't use several algorithms, use several keys. Google for
Kerkhoffs' Principle.

> Is there any value in these aproaches am I making a stupid mistake?

There is a certain pedagogical value there ;-)

> My biggest problem in the past is finding algorithums that work the
> same on both Windows and Lunix.

Use AES as the encryption algorithm, unless you have a good reason to do
otherwise. There are also well debugged open source libraries out there.
They'll save lots of your time. (And probably your ass, too, several
times...)

BTW, there are also full open source programs that run under many systems,
E.g. TrueCrypt supports both Windows and Linux.
http://en.wikipedia.org/wiki/TrueCrypt

-- Lassi

Re: Rainbow Table vs Multiple Hashes - Does this make sense?

Humm that is an issue. I do take my key and hash it with MD5 several
times Key->Hash->Hash. But then I use that key for each iteration.

Thanks for you input.


Lassi Hippeläinen wrote:
> david.leedom@gmail.com wrote:
>
> > I am completly new to security development!!!!
> >
> > I am trying to develop a method of saving encrypted data. One method I
> > have used is to create is to encrypt the data and then encrpt it again
> > N number of times.
> >
> > Does this buy me anything, other then a slow process?
>
> If you use the same key in all rounds, you gain nothing.
>
> > Another thought was to do the same, but change the encrtyption methods
> > between iterations.
>
> No better. Don't use several algorithms, use several keys. Google for
> Kerkhoffs' Principle.
>
> > Is there any value in these aproaches am I making a stupid mistake?
>
> There is a certain pedagogical value there ;-)
>
> > My biggest problem in the past is finding algorithums that work the
> > same on both Windows and Lunix.
>
> Use AES as the encryption algorithm, unless you have a good reason to do
> otherwise. There are also well debugged open source libraries out there.
> They'll save lots of your time. (And probably your ass, too, several
> times...)
>
> BTW, there are also full open source programs that run under many systems,
> E.g. TrueCrypt supports both Windows and Linux.
> http://en.wikipedia.org/wiki/TrueCrypt
>=20
> -- Lassi