Re: [openpgp] Disabling compression in OpenPGP

On Wed, Mar 19, 2014 at 09:43:07AM -0700, Jon Callas wrote:
> > In general, I see two patterns:
> > - Compression incidentally thwarts some attacks
> > - Compression fundamentally breaks privacy by leaking plaintext entropy 
> > (see the Wikimedia Foundation case for a quite convincing example)
>
> In general, compression does the opposite of your second bullet. It 
> *protects* privacy by taking things that are typically not pseudo-random 
> (what you're calling entropic) -- e.g. text -- into something that is highly 
> pseudo-random.
That's the job of encryption, and modern encryption does that job very
well.

I strongly support turning off compression by default. That the length
of the data being encrypted is leaked is pretty easy for a non-advanced
user to figure out - just compare the encrypted and unencrypted file
lengths, or for that matter, just think about it rationally. But the
fact that information on the contents of the file is being leaked too -
exactly what encryption is supposed to prevent - is not at all obvious.

-- 
'peter'[:-1]@petertodd.org
0000000000000000bb8e8e215734f2855ab6da93a8e1caf12392231696f01f83

signature.asc
Description: Digital signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp