[Cryptography] Is there a good algorithm providing both compression and encryption at the same time?
hanno at hboeck.de
Wed May 6 18:16:01 EDT 2015
On Wed, 6 May 2015 10:15:02 +0200
Francois BERENGER <francois.berenger.fun at gmail.com> wrote:
> then, instead of encrypting the whole resulting pair (to save some
> time), we would send over the wire
> (symmetric_encrypt(compression_dictionary, secret_key),
That almost certainly would result in an insecure construction. While
an attacker can not regenerate the full secret text he'll learn a lot
about it, e.g. things like "this starts with a pattern that is then
repeated 3 times at certain locations in the text". That doesn't
fulfill any reasonable definition of encryption security.
It also hardly makes sense. Performance of symmetric encryption is
largely a non-issue these days. Compression performance is a trade-off.
There are very fast algos, but obviously they aren't the best
I don't see any reasonable performance gain in a combined algorithm.
BUT and here comes the big BUT: It is tricky to combine compression and
encryption at all. Numerous attacks in the past have shown that this
combination is super-dangerous, e.g. the CRIME and BREACH attack.
I think for HTTP/2 there was some work done on creating a compression
system that is immune to these kinds of attacks (hpack), but I am not
familiar with the details.
mail/jabber: hanno at hboeck.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the cryptography