On Sep 15, 2017, at 12:31 PM, Steve Smith <sasd...@gmail.com> wrote: > > Yes, of course. And by the way, encryption (with any decent > algorithm) will render the data "incompressible*". To coin a word... > spell-check suggests "incomprehensible" (well, duh.. :-). > > IBM has wisely implemented their new Data Set Encryption to be done > after Data Set Compression is done. And warns that for manual > operations, you'd best not do it the other way around.
It’s not hard to understand why. At the highest level, all compression algorithms work by finding patterns in the data and replacing them with descriptions of the patterns, while the job of encryption algorithms is to hide all the patterns in the data. The output of a good encryption algorithm won’t have any patterns except relatively rare random ones. This is also why compression can be used to help defeat encryption. If an attacker knows the original size of the data, he can infer things about it from the size of the compressed version, even if it’s been encrypted. This is particularly true if the attacker can insert something into the data before it’s compressed; this is what’s behind some of the successful attacks on SSL/TLS. -- Pew, Curtis G curtis....@austin.utexas.edu ITS Systems/Core/Administrative Services ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
