[Cryptography] Is there a good algorithm providing both compression and encryption at the same time?

Bill Cox waywardgeek at gmail.com
Thu May 7 11:03:36 EDT 2015

On Wed, May 6, 2015 at 2:03 PM, Ben Laurie <ben at links.org> wrote:

> Compression is fundamentally problematic.
> http://en.wikipedia.org/wiki/Transport_Layer_Security#CRIME_and_BREACH_attacks
> http://www.links.org/?p=127 <http://www.links.org/?p=1277>

We need a way to tell the lower-level transport to not encrypt the most
sensitive data, by inserting a marker into the stream that disables/enables
compression.  This would not stop all data leakage, but at least it could
help protect security tokens and other keys.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150507/2a911da0/attachment.html>

More information about the cryptography mailing list