Newsgroups: sci.crypt
Path: msuinfo!uchinews!linac!uwm.edu!zaphod.mps.ohio-state.edu!think.com!paperboy.osf.org!osf.org!omar
From: omar@osf.org (Mark Marino)
Subject: Re: compress Encryption program???
Message-ID: <1992Feb12.214742.14027@osf.org>
Sender: news@osf.org (USENET News System)
Organization: Open Software Foundation
References: <920211180744.3630@csserver.osf.org> <1992Feb12.032951.5017pdh@netcom.COM>
Date: Wed, 12 Feb 1992 21:47:42 GMT
Lines: 48

In article <1992Feb12.032951.5017pdh@netcom.COM>, pdh@netcom.COM (Phil Howard KA9WGN / I am the NRA) writes:
|> omar@osf.org (Mark Marino) writes:
|> 
|> >I'm investiging methods of encrypting ascii files that will then be
|> >U*IX compress'ed and then tar'red.  Someone told me they heard of a
|> > compress program that also did the encryption.
|> 
|> Bad move.
|> 
|> The encrypted file will lose its appearance of redundancy that compress
|> depends on.  Compression simply will not yield usable results.
|> 
|> It is better to compress the clear text file
|> [BUNCH OF VALID REASONS DELETED]

An oversight on my part.  I should have realized that.  The chain must be

tar->compress->encrypt

to be effective.


|> 
|> -1. Compression usually starts out with a small few bytes of predictable
|>     data.  You MIGHT overcome this by simply NOT encrypting the first
|>     4 bytes of the data.  This would give away your compression algorithm,
|>     but that is nothing secure in the first place.

   Just how predictable are the first bytes?  Is there a need for serious 
concern if the data to be encrypted requires only moderate protection from
cracking?  To not encrypt the first 4 bytes just adds another layer of 
complexity that the end party has to deal with.  

|> >Does anyone know if such a beast exists and if so, any further
|> >information on what encryption it uses.
|> 
|> Can't imagine why it would exist.

The intention is that you combine your compression and then encryption in one
program.  Less hassle, less mess.  If anyone knows where to get it (I believe 
it's called Pretty Good Privacy), do tell.


-- 
| No Matter Where You Go, There You Are.                                      |
|                                                                             |
| Mark Marino              | omar@osf.org             | uunet!osf!omar        |
| Open Software Foundation | 11 Cambridge Center      | Cambridge, MA 02142   |
