encryption bloats file
dshaw at jabberwocky.com
Sat Jan 10 01:50:09 CET 2009
On Jan 9, 2009, at 7:07 PM, Robert J. Hansen wrote:
> Scott Lambdin wrote:
>> Someone sends us a big ~700MB pgp encrypted file and when we
>> decrypt it
>> the resulting file is about half that size. Anyone have an idea what
>> they might be doing to swell it up like that?
> Option 1: they're not using compression and they're ASCII-armoring the
> file. You can expect to see a large size swell.
Not double. By definition ASCII armor is around 1/3 larger (actually
137%) than the original document (not counting headers and such, but
they only amount to a few hundred bytes, not megs).
> Option 2: they're sending a file that's carefully crafted to blow up.
> I've seen a ridiculously tiny zip archive (a couple of K) that expands
> into hundreds of terabytes. There are sixteen zip archives in that
> archive, each zip archive expands into another sixteen zip archives,
> each of those zip archives expands into several gigs of zeros, etc.,
Other way around - the original file was ~700MB. The decrypted file
Incidentally, GPG has code to deal with the potential denial of
service from a "bzip bomb" like you mention. See the --max-output
Scott, do you know what OpenPGP program created the file that was sent
to you? Can you tell us what sort of data it it? (text? binary?
image file? (if so, jpeg? mpeg? other?) Also please try decrypting
the file again and add "-v -v" to the command line. Please send us
anything you can that isn't sensitive (specifically the compressed
packet algo number, and the raw data size and mode from the literal
More information about the Gnupg-users