Example of product cipher more secure than its components

Question

Can anyone give me an example of a product cipher which more secure than its components. Here is how the explanation should proceed.

There is cipher C1 which can be attacked with the technique A1, and cipher C2 which can be attacked with the technique A2, but the product of the two, C1C2 can not be attacked with A1, A2 or the combination of the two.

Ella Rose · Answer 1 · 2019-04-12T15:30:06.123

For

a $1$-bit message $m$
a randomly generated, fixed prime $k$ (the key)
per-ciphertext randomly generated $r$ and/or $e$

C1, C2

$$C_1 : (k * r) + m$$ $$C_2 : (2 * e) + m$$

A1, A2

$$\begin{align}A_1(c_0, c_1) : c' = c_0 - m_0\\c'' = c_1 - m_1\\k = \operatorname{gcd}(c', c'') = \operatorname{gcd}(k*r_0, k*r_1)\end{align}$$ $$\begin{align}A_2(c_0) : m = c_0 \bmod 2\end{align}$$

C12

$$C_{(12)} : (k * r) + (2 * e) + m$$ $$A_{(12)} : \text{Solve the AGCD problem}$$

Notes

Attacks assume the known-plaintext attack scenario
$C_2$ by itself might be considered a pathological example by itself, but as you can see above, when combined with some $C_1$ it contributes immensely to security.
$A_1$ might require multiple applications if $k$ is not prime

Example of product cipher more secure than its components

1 Answers1

C1, C2

A1, A2

C12

Notes