IETF Logo Mail Archive

Re: [openpgp] Disabling compression in OpenPGP

Gregory Maxwell <gmaxwell@gmail.com> Wed, 19 March 2014 21:16 UTC

Return-Path: <gmaxwell@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67C671A0304 for <openpgp@ietfa.amsl.com>; Wed, 19 Mar 2014 14:16:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AE_8WTjK9w8x for <openpgp@ietfa.amsl.com>; Wed, 19 Mar 2014 14:16:26 -0700 (PDT)
Received: from mail-la0-x232.google.com (mail-la0-x232.google.com [IPv6:2a00:1450:4010:c03::232]) by ietfa.amsl.com (Postfix) with ESMTP id 00BC01A0335 for <openpgp@ietf.org>; Wed, 19 Mar 2014 14:16:25 -0700 (PDT)
Received: by mail-la0-f50.google.com with SMTP id y1so6366034lam.37 for <openpgp@ietf.org>; Wed, 19 Mar 2014 14:16:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Bd4e35TfQPYM0khgwXHWk/m8rnoagTMo3nCleNBkbjU=; b=FpK8y+Lc91OBEPf55Z+eYt0oKfkoCWzWcN+U632grspUCcGE25tntsHisTK1K/dj3I q/zO+1Ze4ThrNF78zo2Byf0FMmMux3H9DYWD7fEdfVF4YwF9WpqZlHCwxLHj6LZ0BuVw lTMILdKKqd6yisEgfWjA4VCZbacDNMUUfzBHQjSEuoi4ndE9kgT2TErubq2wWU43GkG6 a5mgWUHL2in9t0tnSdsgJQ5E2FlCOzZKOzFprho+IMr2QjgxwP8ZNqv2JHG1k30yLgaH Yk/RSKRvblOICicC6PY/3ovrBhJaFVWHY2fJQvcFQuqNaAxsHuAVcATGwX4/3lVUfEYd TYrQ==
MIME-Version: 1.0
X-Received: by 10.152.26.66 with SMTP id j2mr27440068lag.25.1395263776621; Wed, 19 Mar 2014 14:16:16 -0700 (PDT)
Received: by 10.112.184.226 with HTTP; Wed, 19 Mar 2014 14:16:16 -0700 (PDT)
In-Reply-To: <DE00E9BD-1D37-4750-B156-BBDC4B59DB7F@callas.org>
References: <CALR0uiJG6GcngWMUkg6NrP7_4uwf8+QDn6aMF-qonOpRMLdo3w@mail.gmail.com> <95BD0817-D762-41DD-8444-A0C4F7AF1003@jabberwocky.com> <CALR0uiL0-Xp8E=F3idtzBkmRNLk7K_M_cqMt+i2HdNqaNkwn=w@mail.gmail.com> <849778F8-1C16-4FF8-A039-6363C158BD1F@callas.org> <20140319204047.GC30999@savin> <DE00E9BD-1D37-4750-B156-BBDC4B59DB7F@callas.org>
Date: Wed, 19 Mar 2014 14:16:16 -0700
Message-ID: <CAAS2fgQZPPrdehcs6TxmYikmyyfxOJqAdngaFk5=PcSGEGnejA@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Jon Callas <jon@callas.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/openpgp/R2c3gxhc7HlxeUF1B2HWjr3RpBw
Cc: David Shaw <dshaw@jabberwocky.com>, Peter Todd <pete@petertodd.org>, Alfredo Pironti <alfredo.pironti@inria.fr>, "openpgp@ietf.org OpenPGP" <openpgp@ietf.org>
Subject: Re: [openpgp] Disabling compression in OpenPGP
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Mar 2014 21:16:31 -0000

On Wed, Mar 19, 2014 at 1:47 PM, Jon Callas <jon@callas.org> wrote:
> What's being leaked by compression? Really, I don't get it.

Some people like a demonstration.

Consider that I'm going to cast one of two ballots in a secret ballot
election. The ballots are just permutations of eachother so they are
the same size.

https://people.xiph.org/~greg/ballot.1
https://people.xiph.org/~greg/ballot.2

I encrypt my secret ballot to the election officials with the public
key at https://people.xiph.org/~greg/openpgp_testpubkey.asc

using the command:
gpg -ear 9C28FC94 --compress-algo ZIP --compress-level 9 ballot.X
(just being explicit for consistency sake, using GPG 1.4.16 in Fedora
19)

And I get the encrypted result of
https://people.xiph.org/~greg/ballot.secret.asc

Which ballot did I cast?   Anyone?

v2.23.0 | Report a Bug | By Email