When the order is crucial - use of both compression and encryption on data.

Sometimes the order in which things are done is really crucial.

An example to this is the mix of encrypted and compressed data.


Should you:
Compress encrypted data ?
or
Encrypt compressed data?
Due to the nature of encryption and compression the answer is of course very obvious, but I will anyhow back it with a small example.
I have created some simple Java code which does the following:

- Takes an XML file with domain names and creates an DES encrypted file from it.
- Creates a compress GZip file of the DES encrypted XML file
- Creates a compress GZip file of the original XML file.
- Creates a encrypted file of the GZip compressed file.

1. The original XML file "hosts.xml" has the size 82.767 KB


2. The DES encrypted file of the XML file has the same size of 82.767 KB


3. The GZip compressed original XML file has the size of 8.520 KB


4. The DES encrypted file based on the GZip compressed XML file has the size of 8.520 KB


5. The GZip file based on the DES encrypted XML file has the size of 82.792 KB.


The results come as no surprise since:

- The nature of lossless compression is finding redundant information, patterns which can be replaced by a shorter representation.
- The nature of encryption is the opposite, the encrypted file must not contain any patterns at all, but rather appear like white noise, ....(which can not be (lossless) compressed)

Conclusion: if you need to compress and encrypt data ....ALWAYS compress first and then encrypt the compressed data.

Download: Java files to demo encryption and compression order


Posted on 05/07/2012 12:12:45 AM CEDT

Blog Search

About this Blog

Writings mostly about Lotus Notes/Domino...by me :
Jesper Kiaer,Espergærde, Denmark

Looking for a developer? I'm available contact@jezzper.com