 

Is it better to encrypt a message and then compress it or the other way around? Which provides more security?

I have the assumption there is no added protection at all.

john asked Dec 09 '10 15:12


People also ask

Why should you compress before encrypting?

Compress and then encrypt is better. Data compression removes redundant character strings in a file, so the compressed file has a more uniform distribution of characters. It also yields shorter plaintext and ciphertext, which reduces the time spent encrypting, decrypting and transmitting the file.

Is compressing the same as encrypting?

At a high level, compression tries to use patterns in data in order to reduce its size. Encryption tries to shuffle data in such a way that without the key, you can't find any patterns in the data at all. Encryption produces output that appears random: a jumble of bits with a lot of entropy.

Can we use both compression and encryption at the same time?

Once encrypted, no one other than the intended receiver can decrypt it. Hence compression and encryption are done simultaneously.

Which is best: encryption first and then compression, or compression and then encryption?

First compress and then encrypt is best. However, there is more to good encryption than just the order of encrypt and compress. Ideally you should use non-deterministic authenticated encryption: encryption should take some randomness as input (in addition to a secret key) so that it produces a different ciphertext every time.


2 Answers

There is no difference in the security provided, but because of the way compression algorithms work, you are probably going to get better compression if you compress first then encrypt.

Compression algorithms exploit statistical redundancies (such as those that exist in natural language or in many file formats) in the data which should be eliminated when you encrypt it, therefore an encrypted message shouldn't be able to be compressed all that well.

From the Wikipedia article:

However, lossless data compression algorithms will always fail to compress some files; indeed, any compression algorithm will necessarily fail to compress any data containing no discernible patterns. Attempts to compress data that has been compressed already will therefore usually result in an expansion, as will attempts to compress all but the most trivially encrypted data.

Reese Moore answered Sep 19 '22 13:09


Warning: if an attacker controls part of the plaintext that gets compressed, and can observe the size of the resulting encrypted ciphertext, they may be able to deduce the rest of the plaintext, by adjusting the part that they control until the length of the ciphertext decreases (which implies that there was some repetition between the part of the plaintext they control and the secret part of the plaintext).

See https://en.wikipedia.org/wiki/CRIME for example.

John Mellor answered Sep 18 '22 13:09
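
The length leak described in the answer above, as an added example that is not part of the original post: when user-supplied bytes are compressed together with a secret, the ciphertext is shorter if they repeat that secret, and the difference disappears once the secret is kept out of the compression context. `toy_encrypt`, the function names and the sample secrets are constructed for illustration; the cipher is a length-preserving stand-in, not a real one.

```python
import hashlib
import os
import zlib


def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in for a stream cipher: XOR with a SHA-256 counter keystream.
    Like real stream/AEAD modes it adds only constant overhead, so the
    ciphertext length tracks the plaintext length. Not for real use."""
    nonce = os.urandom(16)
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return nonce + bytes(a ^ b for a, b in zip(data, b"".join(blocks)))


KEY = os.urandom(32)
# Constructed sample secrets of equal length (36 bytes each).
SECRET = b"Cookie: session=7f3a9c1e5b2d48f6a0c4"
OTHER_SECRET = b"Cookie: session=e81b06d9f2c7a35b4d10"


def shared_context_len(user_part: bytes, secret: bytes) -> int:
    """Compress user-supplied bytes and the secret together, then encrypt.
    Returns the ciphertext length an observer on the wire would see."""
    return len(toy_encrypt(KEY, zlib.compress(user_part + b"\n" + secret)))


def separate_context_len(user_part: bytes, secret: bytes) -> int:
    """Mitigation: only the user-supplied bytes are compressed; the secret
    is appended uncompressed, so it never shares a compression context.
    (A real format would also length-prefix the two parts.)"""
    return len(toy_encrypt(KEY, zlib.compress(user_part) + secret))


if __name__ == "__main__":
    user_part = SECRET  # user-supplied bytes that happen to repeat SECRET
    for name, send in (("shared  ", shared_context_len),
                       ("separate", separate_context_len)):
        # Same user input, two different secrets of the same length:
        # a length difference means the length depends on the secret.
        print(name, send(user_part, SECRET), send(user_part, OTHER_SECRET))
```

In the shared case the first number is smaller because DEFLATE replaces the repeated secret with a back-reference; in the separate case both numbers are equal, since the length no longer depends on the secret's content.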