[Cryptography] Is there a good algorithm providing both compression and encryption at the same time?
Jerry Leichter
leichter at lrw.com
Sun May 10 16:55:40 EDT 2015
On May 10, 2015, at 9:15 AM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
> Jerry Leichter <leichter at lrw.com> writes:
>> One can readily construct an example where this is false.
>> [...]
>
> Sure, you can come up with hypothetical examples to demonstrate almost
> anything about any crypto or security issue. As used in EDI though, it's safe
> enough.
>
> And in general you need to ask "safe against what?" rather than just saying
> "safe" or "unsafe". Most users of crypto don't know or care about traffic
> analysis, it's only a tiny subset of security geeks who do, so any definition
> of "safe" doesn't need to include "safe against traffic analysis". When I
> used the term "safe" I meant "safe against anything that EDI users care
> about", for example.
Well, fine, but the responsibility is on use security geeks to understand what's safe and what's not and make sure the system is appropriate for its intended use - and the reasonably foreseeable additional uses to which it will be put.
And even then there will be surprises. You'd have thought that compress-then-encrypt would be perfectly safe for VoIP, but as the article I cited earlier shows, you'd have been very wrong.
-- Jerry
More information about the cryptography
mailing list