Compression and Information Leakage of Plaintext

  • John Kelsey
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2365)


Cryptosystems like AES and triple-DES are designed to encrypt a sequence of input bytes (the plaintext) into a sequence of output bytes (the ciphertext) in such a way that the output carries no information about that plaintext except its length. In recent years, concerns have been raised about ”side-channel” attacks on various cryptosystems—attacks that make use of some kind of leaked information about the cryptographic operations (e.g., power consumption or timing) to defeat them. In this paper, we describe a somewhat different kind of side-channel provided by data compression algorithms, yielding information about their inputs by the size of their outputs. The existence of some information about a compressor’s input in the size of its output is obvious; here, we discuss ways to use this apparently very small leak of information in surprisingly powerful ways.


Compression Ratio Compression Algorithm Side Channel Stream Cipher Information Leakage 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [BCL02]
    Benedetto, Caglioti, and Loreto, Physical Review Letters, 28 January 2002.Google Scholar
  2. [CCF01a]
    Usenet group comp.compression FAQ file, available at, 2001.
  3. [KJY00]
    Kocher, Jaffe, Jun, “Differential power analysis: Leaking secrets,” in Advances in Cryptology-CRYPTO’99, Springer-Verlag, 1999Google Scholar
  4. [Koc96]
    Kocher, “Timing Attack on Implementations of Diffie-Hellman, RSA, DSS and other systems,” in Advances in Cryptology-CRYPTO’ 96, Springer-Verlag, 1996.Google Scholar
  5. [KSHW00]
    Kelsey, Schneier, Wagner, Hall, “Side Channel Cryptanalysis of Product Ciphers,” in Advances in Cryptology-ESORICS 96, Springer-Verlag, 1996.Google Scholar
  6. [Sal97a]
    David Salomon, Data Compression: The Complete Reference, Springer-Verlag, 1997.Google Scholar
  7. [Whi02]
    Doug Whiting, personal communication, 2002.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • John Kelsey
    • 1
  1. 1.CerticomCanada

Personalised recommendations