Programmer Humor

19147 readers

1307 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 1 year ago

MODERATORS

[email protected]

536

Order (programming.dev)

submitted 1 year ago by [email protected] to c/[email protected]

47 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 9 points 1 year ago (1 children)

In an ideal encryption, the resulting data should be indistinguishable from random when doing statistical analysis.

So yes, such data will be really hard to compress, so typically compression is done before encryption.

Now here's a twist. The compression before encryption can reveal some details about the encrypted data. This is especially true if attacker has a way to generate encrypted message with part of information that is being encrypted (for example some kind of token etc).
There were attacks on it. For example https://en.wikipedia.org/wiki/CRIME or https://en.wikipedia.org/wiki/BREACH (this was during that idiotic phase where vulnerabilities had those lame-ass names and they even created webpages)

Ideally compression would be done after encryption, but because of issues described earlier, that wouldn't give any benefit.

[–] [email protected] 4 points 1 year ago

idiotic phase where vulnerabilities had those lame-ass names and they even created webpages

Bro what are you talking about? These names are ..bad ass! Like, lets do CRIME!