Does encrypting plaintext multiple times with the same stream cipher but independent keys increase security? If each key is n-bits, and the cascade uses m-streams, could this be considered mn-bit encryption?
Actually, the strength of the system is between $n$ and $n\lfloor (m+1)/2 \rfloor$ bits.
The lower bound is obvious; here is an attack which breaks the system with $2^{n\lfloor (m+1)/2 \rfloor}$ work effort (assuming a known plaintext/ciphertext pair).
- Divide the ciphers into two halves; one half containing $\lfloor m/2 \rfloor$ ciphers (and thus $n\lfloor m/2 \rfloor$ bit bits), and the other half containing $\lfloor (m+1)/2 \rfloor$ ciphers (and thus $n\lfloor (m+1)/2 \rfloor$ bit bits)
For the first half, iterate through all $2^{n\lfloor m/2 \rfloor}$ possible key values, and for each such set of keys, generate the key stream and compute $P \oplus C \oplus keystream$, and save it in a database (along with the keys that generated it).
Then, for the second half, iterate through all $2^{n\lfloor (m+1)/2 \rfloor}$ possible key values, and for each such set of keys, generate the key stream, and search for it in your database.
When you find a match (and you always will, assuming that their is a set of keys), then you also get the keys.
Both these steps take at most $2^{n\lfloor (m+1)/2 \rfloor}$ work effort, hence that is the amount of time required.
With that said, there is sometimes an easier attack against the system which reduces the required work. The obvious example is the Vingenere cipher, where encrypting the text with $m$ different keys is precisely the same as encrypting it with one key.
