Encrypt then Compress?

[somethingnew2-0]

From the documentation page, it states "After encryption, it is gzip'd, and base64 encoded so it can be stored in your key/value store of choice." I am wondering what the intuition is behind this?

Compression is only useful for non-random (especially text) data and whereas encryption attempts to output seemingly random data (across a uniform distribution). Clearly crypt shouldn't do the alternative of compress then encrypt as that opens up to other attacks such as seen with CRIME. So why encrypt then compress?

[kelseyhightower]

The docs have been updated, and based on the code https://github.com/xordataexchange/crypt/blob/master/encoding/secconf/secconf.go#L43 we should be doing compression first, then gpg, and then base64. If that is not the case we need to fix it ASAP.

[somethingnew2-0]

Ah, ok thanks!

[bketelsen]

OK to close?

[somethingnew2-0]

Yep, sorry I was on mobile and there wasn't a link to close. :)

[akerl]

You probably ought to not be compressing it. It's not specifically bad in this case, but compress then encrypt is known to cause problems in a lot of scenarios. Avoiding it overall is a good habit to have

https://news.ycombinator.com/item?id=8484841

[somethingnew2-0]

Yeah, this might be worth opening another issue for.

[bketelsen]

If you provide some research material, we can consider removing the compression. for config files, it's not much of a gain/loss anyway, but I'd like to see something concrete.

[akerl]

The primary examples are those already mentioned in the comments: CRIME and BREACH

https://news.ycombinator.com/item?id=8485348