[Cryptography] coding for compression or secrecy or both or neither

[Henry Baker]

Re compressible ciphertexts:

If I take a binary ciphertext and replace every "0" bit with the sequence "00", the result is compressible, but is no less (and no more) secure than the original ciphertext.

In fact, we do something analogous all the time: we embed the ciphertext in various kinds of error-correcting codes, which are then stripped off at the receiving end.

So long as the redundancy of the ciphertext is 100% uncorrelated with the original plaintext, there's nothing wrong with a ciphertext that is highly compressible; one example is steganography, in which one encrypted message is hidden inside another cover message: think of a person blinking Morse Code in a prisoner-of-war video.

The usual reason for preferring uncompressible ciphertext is that it potentially maximizes the bit rate, but if bit rate isn't the most pressing problem, then other goals can be given priority.