[zgs]

Another example of "roll your own crypto". Just don't.

Honestly, just stick to one algorithm and use that. Choose something modern. There is no evidence that AES-256 has problems. CBC mode allows some alteration of the plaintext but it's limited and noticeable, best to include an integrity check (HMAC or CMAC).

You really don't want to encrypt bulk data using RSA, it's simply not designed for that.

[brudgers]

One of the stories at the beginning of Volume 2, of The Art of Computer Programming tells of Knuth's early attempt to generate random numbers.

It's a story of a clever kid, relying on intuitions and getting it wrong, because it's mathematics.

Thus he devotes one of his twelve chapters entirely to random numbers.

Unfortunately, it is well established by internet forums that nobody should read Knuth.

[kbns]

"roll your own crypto" means writing a new encryption scheme. But here i'm just using multiple schemes without connection to one another by using different encryption keys.

What if AES-256 gets compromised?

Basically i'm storing my encrypted data online. Anyone can see it but only i can decrypt it.

[zgs]

You *are* inventing a new crypto algorithm.

A symmetric cipher is a permutation, multiple symmetric ciphers in sequence is still a permutation. There has been no analysis done on the latter to determine if the sequence you use hides a weakness. I'd much prefer a well analysed system to an unanalysed one.

[kbns]

> multiple symmetric ciphers in sequence is still a permutation.

No its not. The data feeding to the next algorithm is an already encrypted data from the previous algorithm. Theres 0 connection b/w them.

For example . step 1 . encrypt message (M) with key (K1) using AES to produce cipher text (C1) step 2 . encrypt message C1 with key K2 using TripleDES to produce C2. step n . and so on using all algorithms with different Keys.

I don't see any connections b/w them. 0 entropy. Please correct me if i'm wrong.

[zgs]

It's still a permutation: shuffling a deck of cards again doesn't make it any more random (apologies to Diaconis). A symmetric cipher is just a shuffle -- no more, no less. Sure, it "feels" unlikely that there would be a problem but can you prove that or prove at least some level of confidence in it?

The bottom line is just AES is good enough. Your data almost certainly isn't worth the effort involved for an attacker even if there was a substantial breakthrough against AES. If it was worth enough, there are far cheaper and easier ways to get access than breaking the crypto: https://xkcd.com/538/

Modern symmetric crypto is secure enough: any problems you hear about are not in the algorithms. Cracking crypto as seen in movies is a complete fiction, it doesn't work like that.

I suggest reading some introductory texts on cryptography to fill knowledge gaps.

[kbns]

Thank you. i will learn more about it.