Why isn't it possible to Encrypt and Compress a Folder on Windows?

I read this blog which explains why this isn't possible but I can't seem to figure out the reason. I find the blog a little difficult to understand.

Can someone please explain why it's not possible to compress and encrypt the same folder or file ? A simple example would really go a long way in understanding the reasoning behind this.

Does encrypting a compressed file/folder increase it's size and hence defeat the purpose of compression ?
Similarly, does compressing an encrypted file/folder compromise the security of the file ?

If yes, how ?

Dhiwakar Ravikumar

Posted 2015-05-28T16:09:30.400

Reputation: 1 551

Answers

Technically, you can run data both through an encryption operation and through a compression operation; however, this will usually not result in actually smaller data, which is probably why Microsoft designed NTFS to make the mutually exclusive and Windows blocks you from doing both (this is speculation, only Microsoft can really answer why they designed the NTFS filesystem to treat compression and encryption as mutually exclusive).

Lossless Compression (the kind used here, or in .zip or .rar or .7z archives) only works well when there is non-random data that it can simplify. Good encryption on the other hand intentionally tries to make the data appear random, so compressing encrypted data doesn't really make sense.

On the other hand, encrypting compressed data does make sense, and I'm not sure if there is some technical limitation on how EFS and compressed files are implemented in NTFS which prevents the compression from happening before the encryption. (As a general rule of thumb, encryption increases the size of the original data by about 50%)

Darth Android

Posted 2015-05-28T16:09:30.400

Reputation: 35 133

You can encrypt a compressed file but compressing an encrypted file should be useless. I'm going to give you an insanely oversimplified version but you should be able to get the idea.

I have the text:

Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever. Griffin is the coolest ever.

For simplicity purposes it'll we'll say the compression software does the following. It'll recognize there is a pattern in the text in this case "Griffin is the coolest ever." It'll take that patter and assign a numeric value to it we'll say 0. Then to compress it it goes "Griffin is the coolest ever." = 0. Text = [0][0][0][0][0][0][0][0][0][0]. This works because in language we use a lot of the same words / phrases / patterns. The actual software is far more advanced.

The problem comes if you try to compress encrypted information because of how seemingly random encrypted information should appear. If we encrypted the earlier text we should get something along the lines of

quhjio43huiot3rnswyj4hrtis;g4wrjhtpiomnkgq;eht89jiognkwusjnehtn;oiw354yjthineajqnh54y689uio6895uuyio32ujwuywun279y8uhwtjin2hywa9p88h3uj7py;huniysbjkr.5yh75o.ui4jn;jsrujio;hjmngkfukop;'jsmneklrtjhsgiodghnbgfdsjh;sklr65uij9ynrio;eiuyjyphiro;uj6;9ios5uy76895y9auy9htsuy7

Compression can't do much here because there aren't any patterns ... or at least shouldn't be considering I just ran my hands over the keyboard.

Also it's important to note that the compression should be loseless. Some compression methods, especially those that involve sound will cut out unwanted information such as sounds that are too high or too low for humans to hear. This is fine for sound but if you're compressing a report you probably don't want random sentences missing.

It's also worth noting that the current understanding is that compression weakens the security of encrypted information although it seems that there is a debate about this to be had.

Griffin

Posted 2015-05-28T16:09:30.400

Reputation: 1 034

NTFS file compression and file encryption are mutually exclusive because of the way NTFS compression is performed. You can use only one of these options at a time on a file.

http://support2.microsoft.com/default.aspx?scid=kb;en-us;Q223093

I'm guessing more specific details are not public.

Steven

Posted 2015-05-28T16:09:30.400

Reputation: 24 804

Darth Android's answer is correct. But to answer your last question, you can compress encrypted files without compromising security. Compression is a form of encryption, so a compressed encrypted file is technically more secure. However, it is inefficient - which is probably why MS doesnt allow it.

Keltari

Posted 2015-05-28T16:09:30.400

Reputation: 57 019

Compression is form of security? Did not know. – Griffin – 2015-05-28T16:25:43.627

1Compression is definitely not encryption. The compressed file is self-contained and can be unpacked without additional knowledge. Encryption, on the other hand, provides security by requiring additional information to derive a key. – Daniel B – 2015-05-28T16:28:18.077

@DanielB Compression by definition is encryption. If you were to compress a text file, would it read just like the original? No. It itsnt necessarily secure encryption, but most definitely is encryption. – Keltari – 2015-05-28T16:30:59.633

1@Keltari "In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it." (from wiki) Compression does nothing to restrict access to authorized parties, and therefore is not encryption. Encoding, perhaps, but not encryption. – Darth Android – 2015-05-28T16:33:12.833

@DarthAndroid It depends on your definition of encryption. There are plenty of resources out there that call compression a form of encryption. – Keltari – 2015-05-28T16:38:32.280

@Keltari I was being sincere in my comment. I assumed you were right. In googling however I found otherwise. I wasn't trying to come off as a smartass. – Griffin – 2015-05-28T16:45:12.147

I would say that compression is a form of encoding which is one way to look at encryption. In my mind it is a naive way to look at it and at best is comparable to considering obfuscation to be effective security. Which of course it isn't. – EBGreen – 2015-05-28T16:47:22.110

Okay so the great ruler that is Wikipedia says "In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it" Now compression is "In digital signal processing, data compression, source coding, or bit-rate reduction involves encoding information using fewer bits than the original representation" – Griffin – 2015-05-28T16:54:06.237

Encoding points to code which says "In communications and information processing, code is system of rules to convert information—such as a letter, word, sound, image, or gesture—into another, sometimes shortened or secret, form or representation for communication through a channel or storage in a medium." In the case of compression I think it's safe to say that the purpose is to shorten the message. – Griffin – 2015-05-28T16:55:32.113

How about JPEG compression? Now if you have to use "compression" to secure data maybe you can e.g. use a secret-key to initialize a known compression algorithm. Theoretically compression will create an entropy (i.e. information density) of 1 and encryption an entropy of 0 bits of information / physical bit. Therefore your compressed file would only be encrypted if all the information is contained in the secret-key and the compressed file becomes 0 bytes long. If not you have stored information in the data that the compressor generates. This shows that compression is not encryption. – Wouter – 2016-06-05T15:41:15.107