1

I am working on a remote backup project in C... I want to send data and compress as well as encrypt the data.

However I am confused whether to compress first or encrypt first!

What will be better?:

  1. Compress the data and then encrypt it
  2. Encrypt the data and then compress it

Also I am going to use zlib for compression. And I am wondering which encryption lib to use... Some people say libgcrypt is good. Suggestion for good encryption libraries(very easy to use) will be appreciated... :)

or is there anything that does both of the jobs?

Thanks!

Sam
  • 1,842
  • 3
  • 19
  • 33

2 Answers2

10

You should compress before encrypting.

Any good encryption algorithm will produce random-like data that will not compress well.

SLaks
  • 868,454
  • 176
  • 1,908
  • 1,964
  • 1
    Although you are vulnerable to a known plaintext attack if the source data has a known compression header at a known point in the file. – Martin Beckett Nov 01 '12 at 16:31
  • Thanks! Any good library in C know for encryption and decryption? – Sam Nov 01 '12 at 17:43
  • @MartinBeckett: any good modern cipher will resist known plaintext attacks, and even significantly more powerful attacks like adaptive chosen ciphertexts. it is of zero consequence if you're using something like AES, which you should be. – mfanto Nov 01 '12 at 18:48
  • @mfanto - yes good algorithms resist direct plaintext reversals, but it does make it easier to brute force passwords if you have plaintext. Even truecrypt with AES is now vulnerable and it only has a single known checksum – Martin Beckett Nov 01 '12 at 20:47
  • It doesn't matter enough for it to be considered. AES resists known plaintext attacks. The difficulty of determining a correct decryption is negligible. If your key is small enough to make brute force possible, you have bigger problems than determining valid decryptions (of which statistical tests exist to aid). – mfanto Nov 01 '12 at 20:56
-3

My favorite easy to write, understand and use algorithm is blowfish. There are a few implementations at that link in a few liens of code.

It's roughly the same level of security as something like AES/DES, ie pretty much unbreakable. As with all crypto the real vulnerability is going to be you and your users!

Martin Beckett
  • 94,801
  • 28
  • 188
  • 263
  • This isn't true. Blowfish has no where near the level of security of AES, and DES is effectively broken due to the very small key size. Blowfish uses a 64-bit block size, and so regardless of modes, the birthday paradox tells us you'll begin leaking information after (2^32 * 8) = 32GB of data. – mfanto Nov 01 '12 at 20:53
  • And if you use "passwd" as the password, or include the private key in the firmware of your PS3 then it's equally secure. The problem with crypto is generally people thinking - I'll use the library with the most impressive sounding mil-spec routines – Martin Beckett Nov 01 '12 at 20:58
  • yeah, blowfish is the way to go (the author is Bruce Schneier!). However, it's all about HOW you use it: be sure to use the right block cipher mode to ensure sufficient strength against crypto attacks – Gianluca Ghettini Nov 01 '12 at 21:01
  • Sure, I agree with that, but I still don't think it's a good idea to suggest ciphers with known limitations, when good alternatives exist, have much more widespread support, have been standardized and mandated by NIST and Suite B, and is recommended almost unequivocally. – mfanto Nov 01 '12 at 21:02
  • @G_G: Absolutely incorrect. Bruce does not recommend Blowfish over AES, nor does any other cryptographer anywhere. More importantly, he even recommends AES over Twofish, his own submission to the contest. – mfanto Nov 01 '12 at 21:04