simon at josefsson.org
Tue Dec 18 11:44:23 CET 2007
"John Brooks" <aspecialj at gmail.com> writes:
> Assuming the compression is done prior to encryption (I can't recall if it
> is or not),
Right, compression is done before encryption in TLS. (RFC 3749)
> pretty much any major compression format and especially powerful ones
> like LZMA will compress most things to incredible levels. Standard
> text (i.e. most protocols, websites, etc) tends to compress extremely
> well - i've seen bzip2 reduce hundreds of megabytes of text files to
> 1/4th of their original size, and LZMA is generally regarded as doing
> even better.
> One concern would be that LZMA compression is pretty slow. It takes some
> serious CPU effort - it might put a pretty hefty load on the compressing
> side in higher speed connections.
The quote below suggests otherwise, but perhaps it was comparing the
situation against even worse algorithms. I think the trade-offs are
different for network compression than for file compression.
Right now, the only standard compression algorithm besides DEFLATE is
LZS which is patented as far as I know. It would be interesting to
compare and develop a free and better alternative..
> If the compression is done after encryption, the benefit will be much less
> noticable. Obviously encrypted data will be fairly evenly distributed, so it
> won't be able to compress much.
> - John
> On Dec 17, 2007 4:49 AM, Simon Josefsson <simon at josefsson.org> wrote:
>> Simon Josefsson <simon at josefsson.org> writes:
>> > Still, I'm not sure if it makes sense for GnuTLS to enable LZO
>> > compression by default any more. It is not a standard TLS compression
>> > algorithm. What do people think? It would also be interesting to
>> > compare it with LZMA, which has gained some popularity lately:
>> > http://www.7-zip.org/sdk.html
>> > http://tukaani.org/lzma/
>> > Btw, liblzo* has rather few reverse dependencies on Debian, so except
>> > for gnutls liblzo isn't that widely used. Dropping it might save space
>> > on most installation.
>> I found this quote:
>> Igor Pavlov is the developer behind the amazing 7-Zip compressor,
>> which has always been available under the GPL. Igor has now created a
>> separate LZMA SDK, which implements his compression algorithm in a way
>> that makes it suitable for embedded applications.
>> On the SDK web page, Igor says that the LZMA code can decompress up to
>> 1 MB/s on a 100 MHz ARM, MIPS, or other RISC CPU. The memory
>> requirements for decompression are as low as 8-23 KB, and the code may
>> take up as little as 2-8KB.
>> This sounds like a great piece of work for embedded developers. Up
>> until now, the best library out there for this community has been LZO,
>> which has a few problems that hold it back. Perhaps Igor's product
>> will now be the go-to library for this community.
>> Perhaps we should do some work in this area...
>> Does anyone know of any real-world benchmarks of TLS compression? I'd
>> guess that network traffic compression have different properties than
>> file compression. I would guess that network traffic actually is easier
>> to compress than files, on average; a lot of network traffic are verbose
>> text protocols.
>> Gnutls-devel mailing list
>> Gnutls-devel at gnu.org
> - John
More information about the Gnutls-devel