88
13
I am writing a VPN system which encrypts (AES256) its traffic across the net (Why write my own when there are 1,000,001 others already out there? Well, mine is a special one for a specific task that none of the others fit).
Basically I want to run my thinking past you to make sure I'm doing this in the right order.
At the moment packets are just encrypted before being sent out, but I want to add some level of compression to them to optimize the tranfer of data a little. Not heavy compression - I don't want to max out the CPU all the time, but I want to make sure the compression is going to be as efficient as possible.
So, my thinking is, I should compress the packets before encrypting as an unencrypted packet will compress better than an encrypted one? Or the other way around?
I will probably be using zlib for the compression.
Read more on the Super User blog.
@JeffFerland, http://crypto.stackexchange.com
– Pacerier – 2015-05-18T18:02:46.483@Pacerier: Crypto.SE didn't exist at the time this question was asked. – Jeff Ferland – 2015-05-18T19:41:02.100
4Writing as "programming"? Would be better suited for Stack Overflow then. – Suma – 2011-03-15T14:07:15.737
4If I were asking about the programming of it, yes, but I'm not. This is a general compress then encrypt or encrypt then compress question which could apply to just working with plain files if you wanted. The programming side is just context for why I am asking the question. – Majenko – 2011-03-15T14:08:31.667
See also: http://stackoverflow.com/questions/4676095 http://stackoverflow.com/questions/4399812
– BlueRaja - Danny Pflughoeft – 2011-03-15T19:56:22.893Probably a question best meant for http://security.stackexchange.com/
– Jeff Ferland – 2011-03-16T14:32:56.4431They know about compression there do they? – Majenko – 2011-03-16T14:59:15.350
@Majenko - They know about encryption, and most of them would know the answer is compress then encrypt. Of course they'd ask the question why you're using a block cipher instead of a stream cipher and point out that this will come at a price of speed (and that you should reconsider unless you already thought about it), and that maybe an elliptic curve cipher (http://eprints.usm.my/9413/1/ECSC-128_New_Stream_Cipher_Based_on_Elliptic_Curve_Discrete_Logarithm_Problem.pdf) would better suit. But I digress.
– Everett – 2012-10-09T04:35:00.953