5

Does there exist a cipher that can be encrypted twice with two different keys and then decrypted twice using either key first?

For example:

Plaintext is "Lemons are great!"
Encode with Key #1
Encode with Key #2
Decode with Key #1
Decode with Key #2
Result is "Lemons are great!"

To my understanding TLS does something like this, but I'm not sure. I've also tried reading about elliptical curve cryptography to no avail (of useful understanding, that is). I've also tried my own tests with OpenSSL but I feel like it's salting things and therefore is making it not work.

I understand this is possible with a ROT(n), but that's of course not considered cryptographically secure.

Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323
Osmium USA
  • 153
  • 3

1 Answers1

7

$\operatorname{ROT}(n)$ is also known as the Caesar cipher.

$\operatorname{ROT}(n)$ can be thought of as a character based stream cipher. It works because addition - the encryption method used - is commutative. In other words

$\operatorname{ROT}(x, \operatorname{ROT}(y, m)) = \operatorname{ROT}(y, \operatorname{ROT}(x, m))$.

Another well known commutative function is $\operatorname{XOR}$. It is used by the one time pad, but - more practically - also for block ciphers in streaming mode.

So you can encrypt using AES in CTR mode using two different keys in any order and get the same ciphertext. And decryption will work in any order as well.

Note that you should use an IV or nonce if you reuse the keys. Reusing a key stream generated from the key and IV breaks confidentiality. Together with $\operatorname{XOR}$ it breaks the scheme as you can XOR out the key stream.

Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323