By 'breaking the encryption' I meant 'going around the wall', that is, rendering the encryption ineffective. I know, taken literally 'breaking the encryption' means finding/exploiting a flaw in the actual algorithm, but I was speaking idiomatically - think 'arrays of arrays' in Perl.

Incidentally, and in agreement with you, tilly: I can't remember the source, but I recall someone from the NSA as being quoted as saying: "We don't need to break DES, because the implementations are so poor". For lots of cases, you can probably s/DES/modern cipher/.

I see no way in which encrypting the whole file makes the encryption any harder to break than using the same algorithm to encrypt a piece of data that you put into a file.

But s?he won't be encrypting a piece of data: pieces will be encrypted and put in the file.

In The Codebreakers by David Kahn (ISBN 9780684831305), the author spends some time describing the Allied codebreaking effort during WW2. One way they decrypted a lot of messages was to guess at the content of the messages. For instance, an encrypted German message might contain "Mittwoch" if sent on Wednesday. This guessed content was known as a "crib".

By encrypting multiple pieces of information and storing them in a non-encrypted file, you're giving an attacker an awful lot of context for each piece. Which means coming up with cribs for those individual pieces will be a lot easier.

In practice, which of the following would be harder to break?

Dave's password for the fileserver is: <encrypted data>

<encrypted data encrypted data encrypted data encry...>

In the first instance, an attacker has a whole lot more to information to use, which improves their chances of a successful decryption.

---

email: perl -e 'print reverse map { chr( ord($_)-1 ) } split //, "\x0bufo/hojsfufqAofc";'