Re: Compression and crypto

David A. Scott wrote:
tomstdenis@xxxxxxxxx wrote in

You get millions of messages from a one byte input to the decompressor.

No Tommy I see still playing dumb. You get millions of possible
plaintext messages from one byte that has one vlaue when you test
the millions or billions of possilbe "depcryption keys". Of course

Um, in something like CTR mode one byte maps to one byte. How do you
get millions of decryptions?

most lead to messages that not very likely the input message. The
better the compression method for the task at hand the larger the
number of possible input messages that will be found. Of course
most of the message can be most likely disgarded. But how many
possible valid messages does one need to prevent something like
a QC computer to not settle on the valid message.

Why are you bringing QC into this? It has nothing to do with my
complaint about your security claim.

My complaint, again for clarity, is that while decompressions will lead
to strings with the correct alphabet [e.g. ASCII, binary, symbols of
your choosing] they won't follow a grammar [or even make sense].

For instance, you could map all random strings to decodable JPEGs but
will you also ensure the content of the JPEG makes sense and isn't just
white noise? Replace JPEG with a binary image [e.g. program] or text
document or HTML or PDF or ...I'll be able to tell the key was wrong by
checking if the decoded output makes any sense.

To once and for all prove you're wrong.

For all k-bit messages, if there isn't k-bits of entropy in the message
you can distinguish a correct key from an incorrect key. For short
messages you may have several correct keys [well "possibly correct"]
but as the message grows they are filtered out.

So unless you write english text with 8-bits of entropy per character
your method won't work. Oddly enough, if your compressor works at all,
that is, it compresses instead of expands, then you obviously don't
have k-bits of entropy per k-bit message.