First compress it, then encrypt it (idea)@Everything2.com

A friend of mine from school apparently read something to this effect, then misinterpreted it as "If I XOR a Zipped file, it will be unbreakable!" However, this is easily proven false.

For you see, Zip files (and most files, for that matter) have headers. The Windows XP "Compressed Folders" zip file has 10 characters that are always the same. So, by XORing the first 10 bytes of his "encrypted" Zip file with the 10 known bytes, I instantly got the password he used to "encrypt" the file.

Even if you write your own compression algorithm, I must warn you- your algorithm will likely have a section mapping out the redundant parts of the text. This may be the weak point. When you encrypt your compressed file, make sure to use an algorithm that isn't subject to a known plaintext attack.

AES may have been broken	kid sister encryption	non-compressibility of random data	The Number of Languages you know is the Number of Times you are Human
If an attacker has physical access, your system is already compromised	PkZip	GPG	known plaintext attack
self-extracting executable	Rijndael	Shoot first, debate dialectical materialism later	Applied Cryptography
ciphertext	bzip2	standard deviation	Bruce Schneier
RAR	encryption algorithm	Compressible	Cryptanalysis
PHP	to kill a poem	secret passwords

Everything2

First compress it, then encrypt it (idea)

Recommended Reading

About Everything2

User Picks

Editor Picks

New Writeups

Login
Password