Safety questions
Adrian 'Dagurashibanipal' von Bidder
avbidder@fortytwo.ch
Tue Jul 2 15:29:02 2002
--=-LBxfjr1Dvh4Ze0JDzd/l
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Tue, 2002-07-02 at 14:58, Michal Wencl wrote:
> Hi everybody.
>=20
> I have a few questions on how to use GPG or encryption in general:
>=20
> 1. Is it better to encrypt (by symmetric cipher) plain file or a=20
> compressed one? Does it even matter?
compressed one:
- data size is smaller
- many cryptoanalysis methods are based on the statistical distribution
of the characters in cleartext. compressed file have uniform
distribution (ideally: can't be distinguished from random data).
But for gpg, it doesn't really matter as gpg will compress the data
before encrypting it.
> 2. Is there a safety risk if an attacker knows the target file=20
> type (structure), e. g. if he or she knows that the encrypted=20
> file is a JPEG picture, HTML document, gzip archive, Windows=20
> executable, Unix binary etc.?
see above: in theory, yes. But I'm not a mathematician, so I can't
comment how relevant this is in practice. (same for your 3rd question)
cheers
-- vbi
--=20
secure email with gpg http://fortytwo.ch/gpg
--=-LBxfjr1Dvh4Ze0JDzd/l
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA9Iar8wj49sl5Lcx8RAn5lAJ0bhumOZcpGXQkrVuirbEHenzNBEwCfU06J
twfxN4lBUkntOt7XZCjvyII=
=VsQ8
-----END PGP SIGNATURE-----
--=-LBxfjr1Dvh4Ze0JDzd/l--