[Cryptography] Compression before encryption?

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Jan 9 23:42:12 EST 2015

Stephan Neuhaus <stephan.neuhaus at zhaw.ch> writes:

>I have come across the recommendation to "compress before you encrypt", on
>the grounds that this makes plaintext recognition through frequency analysis
>much harder.

This seems to be based on thinking dating back to hand ciphers and mechanical
cipher machines, for which this was indeed the case.  Any decent cipher today
has to be resistant not just to known-plaintext but to chosen-plaintext
attacks, so hiding plaintext patterns doesn't really get you much.  OTOH it
opens you up to a pile of oracle attacks based on compressability of
plaintext, so the answer to "should I compress before encrypting?" is no-
biased, it'll definitely hurt you but it's questionable whether it'll help


More information about the cryptography mailing list