removing the header from a gzip'd string
Fredrik Lundh
fredrik at pythonware.com
Fri Dec 22 01:56:42 EST 2006
Gabriel Genellina wrote:
> Using the default options ("deflate", default compression level, no
> custom dictionary) will make those first two bytes 0x78 0x9c.
>
> If you want to encrypt a compressed text, you must remove redundant
> information first.
encryption? didn't the OP say that he *didn't* plan to decompress the
resulting data stream?
> Knowing part of the clear message is a security hole.
well, knowing the algorithm used to convert from the original clear
text to the text that's actually encrypted also gives an attacker
plenty of clues (especially if the original is regular in some way,
such as "always an XML file" or "always a record having this format").
sounds to me like trying to address this potential hole by stripping
off 16 bits from the payload won't really solve that problem...
</F>
More information about the Python-list
mailing list