foundertherapy / django-cryptographic-fields

A set of fields that wrap standard Django fields with encryption provided by the python cryptography library.
MIT License

Enhancement: Compress the output of the "Fernet" encryptor #3

Open levigross opened 9 years ago

levigross commented 9 years ago

The field contains more than just the cipher text and it may be nice to compress (zlib) the output of the "Fernet" encryptor.

danaspiegel commented 9 years ago

@levigross what purpose does the compression you recommend serve?

levigross commented 9 years ago

Save DB space.

On Mon, May 11, 2015 at 1:52 PM, Dana Spiegel notifications@github.com wrote:

> @levigross what purpose does the compression you recommend serve?

apolkosnik commented 7 years ago

You don't really want to compress encrypted data; you want to first compress, then encrypt.

levigross commented 7 years ago

@apolkosnik No you don't :). Compressing then encrypting leads to attacks like CRIME (https://en.wikipedia.org/wiki/CRIME) and BREACH (https://en.wikipedia.org/wiki/BREACH_(security_exploit)).

apolkosnik commented 7 years ago

If you're trying to compress bytes with a large degree of randomness (e.g. ciphertext), then you are wasting your CPU cycles, because the result will have a useless compression ratio.
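The two orderings debated in this thread can be measured side by side. The following is an added example, not part of the thread or of django-cryptographic-fields: it computes token sizes from the Fernet spec's layout, models ciphertext as random bytes, and uses hypothetical helper names and constructed sample values throughout.

```python
import base64
import hashlib
import os
import zlib


def fernet_raw_len(n: int) -> int:
    # Fernet spec layout: version(1) + timestamp(8) + IV(16)
    # + AES-128-CBC ciphertext with PKCS7 padding + HMAC-SHA256(32).
    return 1 + 8 + 16 + 16 * (n // 16 + 1) + 32


def fernet_token_len(n: int) -> int:
    # Tokens are base64url text, so 3 raw bytes become 4 characters.
    return 4 * ((fernet_raw_len(n) + 2) // 3)


def compress_after_encrypt(n: int) -> tuple[int, int]:
    # Constructed stand-in for a token: random bytes model the ciphertext.
    token = base64.urlsafe_b64encode(os.urandom(fernet_raw_len(n)))
    return len(token), len(zlib.compress(token, 9))


def compress_before_encrypt(plaintext: bytes) -> int:
    # Token length when zlib runs on the plaintext first.
    return fernet_token_len(len(zlib.compress(plaintext, 9)))


def constructed(label: bytes) -> bytes:
    # Deterministic 88-character filler standing in for a secret value.
    return base64.b64encode(hashlib.sha512(label).digest())


def record(note: bytes) -> bytes:
    # One stored value holding a caller-supplied note next to a secret.
    return b'{"note":"' + note + b'","key":"' + constructed(b"secret") + b'"}'


if __name__ == "__main__":
    text = b"lorem ipsum " * 300
    print("plain token      ", fernet_token_len(len(text)))
    print("compress, encrypt", compress_before_encrypt(text))
    print("encrypt, compress", compress_after_encrypt(len(text)))
    # Same plaintext length, different stored length: the signal behind
    # CRIME and BREACH.
    print("note == secret   ", compress_before_encrypt(record(constructed(b"secret"))))
    print("note != secret   ", compress_before_encrypt(record(constructed(b"other"))))
```

Compressing the token only recovers the base64 expansion, never the space taken by the ciphertext itself, while compressing first shrinks redundant plaintext but makes the stored length depend on its content.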