[Cryptography] Compression before encryption?
Tom Mitchell
mitch at niftyegg.com
Mon Jan 12 20:23:48 EST 2015
>
>
> On Fri, 2015-01-09 at 13:22 +0100, Stephan Neuhaus wrote:
>> > I have come across the recommendation to "compress before you encrypt"
>
>
One additional comment... if compression proves to be very efficient on
the message then the message is fragile and possibly easy to attack because
it
has a lot of redundancy.
Compressed files do have sufficient structure that might also prove to be
a
sufficient valuable "known" to leverage an attack with. Compression bombs
as part of
the payload might be a defensive strategy or just make the snooper angry.
mixing compression tools and applying layers of compression might result in
smaller files but yet may not have compression artifacts that are easy to
leverage.
Transmitting compressed files requires the advisory to decompress the file
sufficiently
to discover that it needs further inspection complicating automated
snooping processes.
The best answer is not obvious if bandwidth and storage are inexpensive
and fast.
Interesting discussion....
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150112/9bf409df/attachment.html>
More information about the cryptography
mailing list