Re: SSH and compression
At 2002-06-27T02:42:31Z, [EMAIL PROTECTED] writes: > I guess it depends on the encryption algorithm used. DES should compress > well if represented as a stream of hex values. On the other hand you can > always represent binary data as hex. The problem with that is that hex encoding radically increases the size of the message, so any compression will be packing of the extra bits that weren't included in the original message. -- Kirk Strauser The Strauser Group - http://www.strausergroup.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH and compression
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, Jun 26, 2002 at 11:06:06PM -0400, Alan Shutko wrote: > > I guess the question becomes, what comes first? > > Data is compressed first, then encrypted. And it all becomes clear now. 8:o) - -- Baloo -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9Gt3sNtWkM9Ny9xURAuNiAJ0cYvroSL1FG95sEJzSnzp2o6UlmACgq32E ytY1YXoD24dienLxSSdDORU= =G3Zo -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH and compression
* Angel L. Mateo ([EMAIL PROTECTED]) [020626 23:40]: > El jue, 27-06-2002 a las 07:54, nate escribió: > > > > i dont think SSH's compression should affect security either way. > > I use it mostly out of habbit, it can sometimes improve the responsiveness > > of a connection. > > > > I would expect if compression did affect SSH's security it would > > be documented and well known ... > > > Why it hast to be a problem? Finally, you have an encrypted message, so > what is the problem? > > If ssh encrypts first and then compresses, you can uncompress the > message, but then all you've got is an encrypted message. By other side, > if ssh compresses first and then encrypts, you can't even uncompress the > message because you have to decrypt it previously. It doesn't make any sense to encrypt first and then compress. A good cipher will produce non-compressible output: it will look like random data and not have distinguishable patterns in it. Compression is generally used with encryption because it reduces the redundancies in the plaintext, which can make cryptanalysis harder. English text is regarded at somewhere near 1-1.5 bits per letter. Compression can greatly improve this "randomness" by reducing the redundancy. Also, encryption is generally "expensive" CPU-wise, so compressing first reduces the amount of work to be done. good times, Vineet -- http://www.doorstop.net/ -- "Computer Science is no more about computers than astronomy is about telescopes." -E.W. Dijkstra pgpHCMfvXGaxF.pgp Description: PGP signature
Re: SSH and compression
On Thu, 2002-06-27 at 04:23, Paul Johnson wrote: > Just curious, but does enabling compression make it easier, harder or > about the same difficulty to crack data from an SSH connection? Classical crypto analysis uses the fact that the cleartext message has predictable patterns (as natural language always will have). So compressing before encrypting will improve security somewhat, as ideal compressed data is indistinguishable from random data. Also, iirc shorter messages are harder to break, so again a plus for compression. How and if this interrelates to (pseudo) brute-force key-guessing methods I cannot say, so be careful whith what I've said above. cheers -- vbi -- secure email with gpg http://fortytwo.ch/gpg signature.asc Description: This is a digitally signed message part
Re: SSH and compression
El jue, 27-06-2002 a las 07:54, nate escribió: > > i dont think SSH's compression should affect security either way. > I use it mostly out of habbit, it can sometimes improve the responsiveness > of a connection. > > I would expect if compression did affect SSH's security it would > be documented and well known ... > Why it hast to be a problem? Finally, you have an encrypted message, so what is the problem? If ssh encrypts first and then compresses, you can uncompress the message, but then all you've got is an encrypted message. By other side, if ssh compresses first and then encrypts, you can't even uncompress the message because you have to decrypt it previously. -- Angel L. Mateo Redes y Comunicaciones - ATICA Tfo: +34 968 367590 Universidad de MurciaFax: +34 968 363389 Edificio D, Campus de Espinardo CP: 30100, Murcia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH and compression
> -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Just curious, but does enabling compression make it easier, harder or > about the same difficulty to crack data from an SSH connection? > > Just sort of my random curiosity for the night... i dont think SSH's compression should affect security either way. I use it mostly out of habbit, it can sometimes improve the responsiveness of a connection. I would expect if compression did affect SSH's security it would be documented and well known ... nate -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH and compression
Barry Michels <[EMAIL PROTECTED]> writes: > I guess the question becomes, what comes first? Data is compressed first, then encrypted. -- Alan Shutko <[EMAIL PROTECTED]> - In a variety of flavors! Colorless green ideas sleep furiously. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: SSH and compression
I guess it depends on the encryption algorithm used. DES should compress well if represented as a stream of hex values. On the other hand you can always represent binary data as hex. -Original Message- From: Barry Michels [mailto:[EMAIL PROTECTED] Sent: Thursday, June 27, 2002 10:37 AM To: debian-user@lists.debian.org Subject: Re: SSH and compression - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; Sent: Wednesday, June 26, 2002 10:28 PM Subject: RE: SSH and compression > I might be misguided but I find it interesting that compression seems to > look for patterns > in data in order to reduce the size, where as encryption's goal is to make > the data > devoid of all distinguishable patterns? > I guess the question becomes, what comes first? If the data is compressed first, then encryption shouldn't be any easier or harder. If the data is encrypted first, then compression shouldn't work very well since there's probably less compressable patterns. Or maybe I'm wrong and should go back to lurking till a subject I do know about comes up... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 6/13/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 6/13/2002 __ The information transmitted through this mail is intended solely for the addressee and may be legally privileged. Any disclosure, copying, dissemination or any action taken or omitted, to be taken in reliance on it, by persons or entities other than the intended recipient is prohibited. Smart Communications, Inc. http://www.smart.com.ph -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SSH and compression
- Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; Sent: Wednesday, June 26, 2002 10:28 PM Subject: RE: SSH and compression > I might be misguided but I find it interesting that compression seems to > look for patterns > in data in order to reduce the size, where as encryption's goal is to make > the data > devoid of all distinguishable patterns? > I guess the question becomes, what comes first? If the data is compressed first, then encryption shouldn't be any easier or harder. If the data is encrypted first, then compression shouldn't work very well since there's probably less compressable patterns. Or maybe I'm wrong and should go back to lurking till a subject I do know about comes up... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: SSH and compression
I might be misguided but I find it interesting that compression seems to look for patterns in data in order to reduce the size, where as encryption's goal is to make the data devoid of all distinguishable patterns? -Original Message- From: Paul Johnson [mailto:[EMAIL PROTECTED] Sent: Thursday, June 27, 2002 10:24 AM To: List, debian-user Subject: SSH and compression -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just curious, but does enabling compression make it easier, harder or about the same difficulty to crack data from an SSH connection? Just sort of my random curiosity for the night... - -- Baloo -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9Gnc6NtWkM9Ny9xURAoJiAKCeinybT6GdpwzdBOqL31p2Yb/73gCdGEl4 n8WP5Kuix0PNAqrXIqYot+s= =Uyye -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 6/13/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.371 / Virus Database: 206 - Release Date: 6/13/2002 __ The information transmitted through this mail is intended solely for the addressee and may be legally privileged. Any disclosure, copying, dissemination or any action taken or omitted, to be taken in reliance on it, by persons or entities other than the intended recipient is prohibited. Smart Communications, Inc. http://www.smart.com.ph -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
SSH and compression
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just curious, but does enabling compression make it easier, harder or about the same difficulty to crack data from an SSH connection? Just sort of my random curiosity for the night... - -- Baloo -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9Gnc6NtWkM9Ny9xURAoJiAKCeinybT6GdpwzdBOqL31p2Yb/73gCdGEl4 n8WP5Kuix0PNAqrXIqYot+s= =Uyye -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]