I understand that it is more secure provided you use different keys. But don’t take my word for it. I’m not a crypto-analyst. I don’t even play one on TV.

The reason I understand it to be more secure is that you’re using extra information for encoding (both multiple keys and an unknown number of keys (unless you publish the fact that there’s two)).

Double encryption using the same key makes many codes easier to crack. I’ve heard this for some codes but I know it to be true for ROT13 🙂

I think the security scheme used by Kerberos is a better one than simple double encryption.

They actually have one master key whose sole purpose is to encrypt the session key and that’s all the master key is used for. The session key is what’s used to encrypt the real traffic and it has a limited lifetime. This has two advantages.

• Evil dudes don’t have time to crack the session key since, by the time they’ve managed to do it, those session keys are no longer in use.
• Those same evil dudes don’t get an opportunity to crack the master key simply because it’s so rarely used (they would need a great many encrypted packets to crack the key).

But, as I said, take that with a big grain of salt. I don’t work for the NSA. But then I’d have to tell you that even if I did work for the NSA. Oh, no, you won’t crack me that easily, my pretty.

Semi-useful snippet: Kerberos (or Cerberus, depending on your lineage) is the mythological three-headed dog that guards the gates of Hell, a well-chosen mascot for that security protocol. That same dog is called Fluffy in the Harry Potter world (I once had a girlfriend whose massive German Shepherd dog was called Sugar, a similarly misnamed beast).