encryption bloats file

[David Shaw]

On Jan 9, 2009, at 7:07 PM, Robert J. Hansen wrote:

> Scott Lambdin wrote:
>> Someone sends us a big ~700MB pgp encrypted file and when we  
>> decrypt it
>> the resulting file is about half that size.  Anyone have an idea what
>> they might be doing to swell it up like that?
>
> Option 1: they're not using compression and they're ASCII-armoring the
> file.  You can expect to see a large size swell.

Not double.  By definition ASCII armor is around 1/3 larger (actually  
137%) than the original document (not counting headers and such, but  
they only amount to a few hundred bytes, not megs).

> Option 2: they're sending a file that's carefully crafted to blow up.
> I've seen a ridiculously tiny zip archive (a couple of K) that expands
> into hundreds of terabytes.  There are sixteen zip archives in that  
> zip
> archive, each zip archive expands into another sixteen zip archives,
> each of those zip archives expands into several gigs of zeros, etc.,  
> etc.

Other way around - the original file was ~700MB.  The decrypted file  
was ~350MB.

Incidentally, GPG has code to deal with the potential denial of  
service from a "bzip bomb" like you mention.  See the --max-output  
option.

Scott, do you know what OpenPGP program created the file that was sent  
to you?  Can you tell us what sort of data it it?  (text?  binary?   
image file? (if so, jpeg?  mpeg? other?)   Also please try decrypting  
the file again and add "-v -v" to the command line.  Please send us  
anything you can that isn't sensitive (specifically the compressed  
packet algo number, and the raw data size and mode from the literal  
data packet).

David