Yes, you are right.
A formal definition of IND-CPA is indeed missing in my question. Here, I informally use the term "IND-CPA" to refer to the property that an encryption scheme can result in pseudorandom ciphertexts in $\mathcal{C}_1$
This is of course a stronger assumption than being IND-CPA, but it is boring to point this out.
Really, this assumption can be written as
$\mathsf{Enc}_k$ is a PRF family.
It is perhaps more straightforward to think about this in terms of PRFs, so I will quickly show that if $F_k, G_k$ are (individually) PRFs, then $(F_k, G_k)$ need not be, e.g. sharing PRF keys can break security.
This is because of the dependence between the left and right components, as you have guessed.
Let $F_k$ be a PRF, and let $G_k = F_k^{\circ 2}$, i.e. $G_k(x) = F_k(F_k(x))$.
It is simple to see that $G_k$ is (individually) a PRF --- any distinguisher for it implies a distinguisher for $F_k$, as you can efficiently emulate query access to $G_k$ given query access to $F_k$.
Now, $(F_k, F_k^{\circ 2})$ is not a PRF.
This is because, given an oracle $\mathcal{O}(\cdot)$ that is either real or random, you can.
- $(y_1, y_2)\gets \mathcal{O}(x)$,
- $(z_1, z_2) \gets \mathcal{O}(y_1)$,
- guess REAL if $y_2 = z_1$, and RANDOM otherwise.
IF $\mathcal{O}(x) = (F_k(x), F_k^{\circ 2}(x))$ is your PRF, then $y_2 = F_k^{\circ 2}(x)$, and $z_1 = F_k(y_1)= F_k(F_k(x)) = F_k^{\circ 2}(x)$ collide.
In the random game, the probability of any two values colliding is quite small, so this immediately implies a rather good distinguisher.
There are more immediate problems though.
One way to build $\mathsf{Enc}_k(m)$ is by XORing $m$ with a PRF, for example $\mathsf{Enc}_k(m) = (r, F_k(r)\oplus m)$.
This is simply randomized counter mode (where messages are a single block).
In this setting, the joint construction is $(m_1,m_2)\mapsto (r, F_k(r)\oplus m_1, F_k(m_2))$.
Again, by querying on $(m_1, m_2)$, and then querying $(m_3, r)$, one can obtain an efficient distinguisher.
This is to say a natural construction (where $\mathsf{Enc}$ is randomized counter mode) is not secure in your setting as well.