[Cryptography] Compression before encryption?

Henry Baker hbaker1 at pipeline.com
Fri Jan 16 09:29:41 EST 2015


At 10:07 PM 1/15/2015, Christian Huitema wrote:
>> Sometimes forgotten about compression algorithms: if something is compressed, then at some point it gets 
>> uncompressed.  If an attacker can send such a "compressed" message, then (s)he can send a _super-compressed_ 
>> message -- one which uncompresses into a super-sized message that will choke any buffer/memory 
>> allocation/swap partition/address space.  Such a supercompressed message is a buffer overflow on steroids.  
>> Depending upon the compression algorithm, some uncompressed messages can be several exponentials larger 
>> than their compressed versions.  Some programs are unprepared for this explosion of bits.
>
>That's very easy to do with JPEG.  Create a monochromatic image so it
>compresses really well.  Make it really large.  In fact, if you don't care
>about syntax checks, you can just forge a start of frame header that
>specifies an enormous size, then enjoy watching programs doing a malloc of
>width*height.

The supercompressed files I'm talking about could never be created by
compressing an actual file, because they are larger than the known
universe.  They are generated directly by someone who knows how the
compression algorithm works.  Sometimes, this requires something
analogous to zip-within-zip-within-zip-within-zip, etc., but some
compression schemes already do the recursion for you.  Something
fun for web-crawling robots to chew on for a while.  ;-)
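
Added example (not part of the message above or of the thread): a receiver-side guard against the expansion described here, assuming the payload is a zlib stream. It inflates under a hard output budget and charges nested layers (the zip-within-zip case) to one shared budget with a depth cap; the function names, limits and sample data are assumptions made for the illustration.

```python
import zlib

class DecompressionLimitExceeded(Exception):
    """Decompressed output would exceed the caller's budget."""

def bounded_inflate(data: bytes, max_out: int, chunk: int = 64 * 1024) -> bytes:
    """Inflate one zlib stream, never holding more than max_out + 1 output bytes."""
    d = zlib.decompressobj()
    out = bytearray()
    buf = data
    while not d.eof:
        # Request at most one byte past the remaining budget, so an oversized
        # stream is detected without its full output ever being allocated.
        room = max_out - len(out) + 1
        piece = d.decompress(buf, min(chunk, room))
        out += piece
        if len(out) > max_out:
            raise DecompressionLimitExceeded(f"output exceeds {max_out} bytes")
        if not (piece or d.unconsumed_tail or d.eof):
            raise ValueError("truncated zlib stream")
        buf = d.unconsumed_tail
    return bytes(out)

def looks_like_zlib(b: bytes) -> bool:
    # RFC 1950 header: CM == 8 (deflate) and CMF*256 + FLG divisible by 31.
    # Heuristic only; a real format would carry an explicit type field.
    return len(b) >= 2 and b[0] & 0x0F == 8 and ((b[0] << 8) | b[1]) % 31 == 0

def unwrap_layers(data: bytes, total_budget: int, max_depth: int = 4) -> bytes:
    """Peel nested zlib layers, charging every layer to one shared byte budget."""
    spent = 0
    for _ in range(max_depth):
        if not looks_like_zlib(data):
            return data
        data = bounded_inflate(data, total_budget - spent)
        spent += len(data)
    if looks_like_zlib(data):
        raise DecompressionLimitExceeded(f"more than {max_depth} nested layers")
    return data

# Constructed sample: 4 MiB of zero bytes, compressed twice with ordinary zlib.
SAMPLE_INNER = zlib.compress(bytes(4 * 1024 * 1024), 9)
SAMPLE_NESTED = zlib.compress(SAMPLE_INNER, 9)

if __name__ == "__main__":
    print(len(SAMPLE_NESTED), "bytes in ->", len(unwrap_layers(SAMPLE_NESTED, 8 << 20)), "bytes out")
    try:
        unwrap_layers(SAMPLE_NESTED, 1 << 20)
    except DecompressionLimitExceeded as e:
        print("rejected:", e)
```

The budget is enforced while inflating rather than by checking a declared size, so a header that misstates the output length does not matter.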


