Improve security with compression

Block cipher encryption.
Image via Wikipedia

I have a particular interest in encryption and how to make it stronger.Whilst considering OTP and its vulnerability of reusing a random or psuedorandom stream on plain-text, I was simulating the problem with a puzzle I have come across in the past. (Ever played one of those cryptoquip puzzles in the paper, where one letter is equivelent to another letter? You look at the small words and with trial and error guess words until they make sense across the whole sentance.)

I realised that encryption is significanly affected by the entropy of the input plain-text. As far as I know this is an unproven hypothesis. However it is at least easily verifyable for simple encryption, such as that found in the cryptoquip puzzle. I believe that source entropy losses it’s significance in overal security as the encryption method itself improves. However this may only be because once encryption is significantly strong doubling it would have no perceivable outcome. For example AES is considered one of the strongest, if not the strongest symmetric encrytion algorithm to date. Doubling the trillions and trillions of computing power required to break is not readily perceivable by our minds (and ten digits on our hands).

It is commonly accepted that you should compress before you encrypt, because encryption increases entropy which eliminates the ability for any valuable compression. It should be noted though that compression also increases entropy which in light of this article, is very good for security.

If you want good security you should consider using compression as well. You will have the benefit of an improved cipher as well as shorter messages. Perhaps compression can improve cipher strength enough such that some more computationally efficient ciphers are as strong or stronger than AES.

I hope that one day we will see an encryption scheme which incorporates compression in its design. It may also incorporate some other mechanisms to further increase the entropy of inputted plain-text data. Building a joint compression/encryption algorithm may also yeild performance improvements over seperate coherent compression and encryption steps.

It all sounds promising, but this is not an undertaking which I am experienced enough in to tackle.

Enhanced by Zemanta