Meet at the middle attack

Denys Popov
Mar 25, 2021

This attack 👊 makes double encryption insufficient/almost useless, and this is why, for example, DES (Data Encryption Standard) is used as 3DES, triple encryption, and not double. Side note: in most cases a different key is used for each encryption layer. 🔑

Basic Idea 🧠 of this attack: brute-forcing double encryption takes only twice as long (+) as brute-forcing single encryption, not the product (*) as expected. E.g. if the key space has 2^56 keys (this number is just an example and comes from DES), brute-forcing it with this attack will take

2^56 + 2^56 = 2^57 options instead of 2^56 * 2^56 = 2^112 as expected.
So the assumption is that the attacker 🏴‍☠️ knows the first piece of the plaintext of the encrypted info (in many cases this could be true, because of standard document headers etc.).
Explanation:

Let ef be the encryption function/cipher, df the decryption function, x1 a known piece of the plaintext, and y1 the encrypted result obtained by double encryption with ef

  • The attacker brute-forces all possible keys, encrypting x1 with ef once per key, and stores each result (let's say zi) in a table
  • The attacker brute-forces all possible keys, decrypting y1 with df once per key, and compares each result with the values zi from the table of the first step. If the results match, then most probably he has found the keys (there are more steps to check that these keys are correct, because there could potentially be false-positive key matches, but this is the basic idea)

And as you can see, in the worst-case scenario it will take only 2 times more time than single encryption.

x1 👉🏻 zi 👈🏻 y1
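The two steps above as a runnable sketch, added here as an illustration and not the author's code. The 16-bit toy Feistel cipher standing in for ef/df, the 12-bit keys and the sample `%PDF-1` header are assumptions chosen so both passes finish instantly; the sketch also shows the extra check against false-positive key matches.

```python
from collections import defaultdict

KEY_BITS = 12   # toy key size (assumption) so both passes finish instantly
ROUNDS = 4

def _f(half, key, rnd):
    # Round function of a toy 16-bit Feistel cipher, constructed for this demo only.
    x = (half * 0x9E37 + key * 0x79B9 + rnd * 0x1234) & 0xFFFF
    x ^= x >> 7
    return ((x * 0x85EB) >> 4) & 0xFF

def ef(key, block):
    # Encrypt one 16-bit block (stands in for the article's ef).
    l, r = block >> 8, block & 0xFF
    for rnd in range(ROUNDS):
        l, r = r, l ^ _f(r, key, rnd)
    return (l << 8) | r

def df(key, block):
    # Decrypt one 16-bit block (the article's df): the Feistel rounds in reverse.
    l, r = block >> 8, block & 0xFF
    for rnd in reversed(range(ROUNDS)):
        l, r = r ^ _f(l, key, rnd), l
    return (l << 8) | r

def meet_in_the_middle(pairs):
    # pairs: known (plaintext, ciphertext) blocks under ef(k2, ef(k1, x)).
    (x1, y1), rest = pairs[0], pairs[1:]
    table = defaultdict(list)               # zi -> every k1 with ef(k1, x1) == zi
    for k1 in range(1 << KEY_BITS):         # step 1: 2^KEY_BITS encryptions
        table[ef(k1, x1)].append(k1)
    candidates = [(k1, k2)
                  for k2 in range(1 << KEY_BITS)      # step 2: 2^KEY_BITS decryptions
                  for k1 in table.get(df(k2, y1), ())]
    # Extra check: false-positive matches fail on further known blocks.
    confirmed = [(k1, k2) for k1, k2 in candidates
                 if all(ef(k2, ef(k1, x)) == y for x, y in rest)]
    return candidates, confirmed

# Constructed sample: secret keys and a known "%PDF-1" document header.
K1, K2 = 0x3A7, 0xC15
HEADER = b"%PDF-1"
PAIRS = [(x, ef(K2, ef(K1, x)))
         for x in (int.from_bytes(HEADER[i:i + 2], "big") for i in (0, 2, 4))]

if __name__ == "__main__":
    cands, keys = meet_in_the_middle(PAIRS)
    print(f"{len(cands)} matches on the first block, confirmed: {keys}")
```

The work is 2 * 2^12 cipher calls plus a table of 2^12 entries, instead of 2^24 trial double encryptions; the table is the memory cost the attack pays for that saving.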
