[Cryptography] Summary: compression before encryption
phill at hallambaker.com
Mon Jan 19 18:24:51 EST 2015
Reading through a lot of the replies, it occurs to me that compression
isn't the problem, lack of padding is.
If confidentiality is an issue then message length almost always reveals a
great deal. I added padding to my DNS Privacy proposal because I realized
how much is given away by the message length.
But I am starting to think that the rule should be 'always pad if
confidentiality is an issue'.
In most cases, confidentiality is only a weak concern, its authenticity
that is the prime Web concern most times.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography