I am not sure whether "linear decomposition" is appropriate to summary my question: We know that the traditional symmetric encryption/decryption algorithm (like AES, TDES) can be written as:
C = FUN_enc(key, P) P = FUN_dec(key, C)
Where FUN_enc is the encryption function/algorithm, FUN_dec is the decryption function, C is ciphertext, P is plaintext. For AES, FUN_enc and FUN_dec are AES encrypt and decrypt algorithms. Here we only consider the basic ECB mode.
OK, now comes my question: Does one encryption/decryption algorithm exists, that satisfy:
C1 = FUN_enc(key1, P) C2 = FUN_enc(key2, C1) and: C2 = FUN_enc(key3, P)
That is, one encryption can be splited into two individual encryption steps, and also give key1, key2, some algorithm can calculate key3.
One algorithm that can be decomposed to two:
FUN_enc(key, P) = FUN_enc(ke2, FUN_enc(key1, P)) and the algorithm FUN_enc SHALL also as secure as AES.
