My professor stated that permutations which are done repeatedly does not further

Question

My professor stated that permutations which are done repeatedly does not further enhance security than just one permutation. He also stated that fact this applies to consecutive substitutions as well. Algorithms such as AES which intertwine permutation and substitution in each round does in fact increase security. I understand this is because if they are intertwined, then the substitution effect will be diffused by the following permutation. However, if he were to ask this question in a test: why does repeated permutations or substitutions not enhance security? I won't be able to think of a good answer.

Explanation / Answer

The reason two permutations in a row don't increase security is that there is always a third permutation that's equivalent to performing the two permutations in a row. For instance, suppose we have 5 elements, and the following two permutations:
?1?2:12345?34251:12345?43512

Then if we apply ?1 followed by ?2, we send 1 to 5 by ?1 and then to 3 by ?2; if we work out all of the 5 elements, we get
?2??1:12345?52134

This is just another permutation (using more common cycle notation, ?1=(13245), and ?2=(14)(235), so ?2??1=(1543)(2)). As you can see, composing the two permutations just popped out a third permutation; from an attacker's point of view, the fact that we did two permutations is irrelevant, because he can treat it as just one permutation.

With substitutions, it's similar: composing two substitutions gives a third (single) substitution, so there's no difference from an attackers point of view.

Related Questions

Navigate

• Browse (All)
• Browse M
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.