Questions tagged [compression]
the act of compression reduces the size of the file(s) being compressed by encoding information and eliminating statistical redundancy.
77
questions
1
vote
2
answers
182
views
How does malware work when compressed?
I have read up on compressed folders of file types such as .zip, .rar and .7zip being the malicious file itself (excluding cases such as an .exe file being disguised as a .zip file etc...), only ...
1
vote
1
answer
209
views
Fuzzy hash of a file
Could someone please explain this to me: When you use a fuzzy hash algorithm (ssdeep, tlsh, sdhash... or any other) to calculate the hash value of a file, does it calculate the hash based on the whole ...
- 45
23
votes
2
answers
5k
views
Is compression mandatory with TLS?
I've had a look within the official TLS specification but I cannot see any mention of this. Does TLS allow compression to be disabled? Or is it mandatory?
- 331
1
vote
1
answer
134
views
Does filesystem compression aid cryptanalysis?
I use LUKS to encrypt all sensitive data on my computer. If I switch to using a filesystem with on-the-fly data compression such as ZFS, should I use its compression feature together with LUKS? Does ...
- 33
0
votes
1
answer
2k
views
Gzip only request body of HTTPS request security BREACH?
I'm not an expert of security.
I heard it's not recommended to enable GZIP compression for HTTPS requests, that would open a security issue (see SO answer: https://stackoverflow.com/a/4063496/17307650 ...
- 135
4
votes
0
answers
965
views
Protection against JPEG compression bombs
There is a well-known threat named compression bombs. Such image formats as PNG and JPEG use compression methods, and therefore and in theory PNG/JPEG images might be a compression-bomb.
I've found an ...
- 53
0
votes
1
answer
285
views
Any risk on viewing the content of a RAR file without extracting it?
lets say I have a rar file that has a bunch of images inside. Is there any risk of opening the image inside the rar without extracting the entire file?
7
votes
1
answer
855
views
How sensitive are acoustic side-channels to compression with a narrowband codec?
Assume sensitive audio emissions from a mechanical keyboard. These audio emissions are often sufficient to reconstruct the actual key presses that generated the sound. If the audio is compressed using ...
- 67k
5
votes
2
answers
2k
views
Compression and Encryption against security issues
I'm having a hard time knowing whether the following setup is vulnerable to CRIME/BREACH type attacks (which target HTTPS).
I am running a Wireguard VPN that tunnels VXLAN protocol, using ChachaPoly20 ...
- 153
1
vote
0
answers
379
views
3
votes
3
answers
840
views
Does compression level influence security of encryted 7z files?
I want to archive some GB of sensitive data. It is to be stored on an external drive that also includes non sensitive data so i don't want to encrypt the whole drive. For that purpose i want to use ...
- 33
0
votes
1
answer
204
views
Obscure compression before encrypting
Assuming whatever encryption algorithm used was designed to support compression without any information leakage, would there be any reason not to use some custom compression algorithm to add obscurity ...
4
votes
2
answers
1k
views
Does TLS 1.3 mitigate the BREACH vulnerability?
Section 5.4 of the TLS 1.3 specification describes record padding.
One of the mitigations for BREACH is to add random padding.
Therefore, I'm wondering:
Does TLS 1.3 require random record padding? I'...
- 141
11
votes
1
answer
2k
views
Does it weaken the encryption of SSH to use compression?
When using compression on openssh (a la ssh -C ...), does this reduce entropy and make the tunnel traffic more vulnerable to cryptanalysis? Is compression an option I should disable server-side for ...
- 401
3
votes
1
answer
803
views
What steganographic techniques can I use in images that survive lossy compression?
Learning a bit about IT security, a segment of the material was the basics of steganography - specifically, hiding information in the lowest significance bits of images, and converting images into ...
- 193