[Cryptography] Compression before encryption?

Christian Huitema huitema at huitema.net
Fri Jan 16 01:07:55 EST 2015

> Sometimes forgotten about compression algorithms: if something is
compressed, then at some point it gets 
> uncompressed.  If an attacker can send such a "compressed" message, then
(s)he can send a _super-compressed_ 
> message -- one which uncompresses into a super-sized message that will
choke any buffer/memory 
> allocation/swap partition/address space.  Such a supercompressed message
is a buffer overflow on steroids.  
> Depending upon the compression algorithm, some uncompressed messages can
be several exponentials larger 
> than their compressed versions.  Some programs are unprepared for this
explosion of bits.

That's very easy to do with JPEG. Create a monochromatic image so it
compresses really well. Make it really large. In fact, if you don't care
about syntax checks, you can just forge a start of frame header that
specifies an enormous size, then enjoy watching programs doing a malloc of
width*height. You can also play games with chosen size values and integer
overflow. But this is hardly related to encryption. More related to the
general idea that one shall not trust data coming from unverified sources...

-- Christian Huitema

More information about the cryptography mailing list