[Cryptography] Is there a good algorithm providing both compression and encryption at the same time?
ianG
iang at iang.org
Tue May 12 10:27:21 EDT 2015
On 12/05/2015 00:32 am, Christian Huitema wrote:
> On Monday, May 11, , at 3:09 AM, Peter Gutmann wrote
>> ...
>> Sure, I'm aware of over two dozen papers on this topic (discussing the ability
>> to identify spoken phrases, language used, video content for movie streaming,
>> web site browsing patterns, e.g. which tax bracket you're in based on which
>> pages on tax sites you visit, and so on), but as I said it depends on whether
>> the user considers this a problem or not, and by and large the masses (which
>> includes companies, banks, government organisations, and so on, not just Joe
>> Sixpack at home) don't. Skype is in a particularly bad spot here with their
>> use of encryption because the vast majority of users don't care whether it's
>> encrypted or not (they just want free calling over the Internet), and those
>> who really care about encrypted phonecalls typically won't use Skype because
>> they let governments listen in.
>
> At the same time, the IETF is pushing the encrypt everything agenda, and one of the big arguments is browsing privacy. You get arguments to encrypt Wikipedia to prevent censors from discovering which pages a particular user is reading. Wikipedia is public, but reading pages on homosexuality or abortion could get youths in trouble in many places. The argument goes that encryption will thwart the censors. Except of course that the encrypted traffic still reveal page lengths, compressed or not...
Some African countries are in the process of increasing penalties for
homosexuality, including in some cases the death sentence.
If one wanted to use e.g., Wikipedia to reach out to victims (being the
homosexuals) and evade the attackers (being the police in those
countries) then using HTTPS over the browsing would be a good measure.
It is unlikely that the police there would mount an attack that
sophisticated that they could match the page lengths of different
Wikipedia articles. They'd have to index the whole lot, and then index
the linkages to try and winnow out the non-related pages of the same
length. Etc.
Yes it could be done... And if it was done, then's the time to improve
things. Never let the perfect be the enemy of the good.
BTW, for anyone doubting the ability of such things to achieve change,
here's an old article claiming that the Coloured Revolutions of five or
so years ago in Northern Africa to Middle East were triggered by
wikileaks of documents delivered by Pvte. Manning.
http://www.worldaffairsjournal.org/article/wikihistory-did-leaks-inspire-arab-spring
iang
More information about the cryptography
mailing list