in reply to Customer data encryption

Also, do I need to encrypt and then compress, or compress and then encrypt?

If you want the compression to actually compress the data you must compress first. If you encrypt the data it should make the data look random, there will be no patterns (for any reasonable algorithm). Compression algorithms rely on patterns to reduce the size of the data. So, if you compress first, you get the benefit of the compression, if you encrypt first, it may actually increase the size of the final output. Corrected

Replies are listed 'Best First'.
Re^2: Customer data encryption
by 0xbeef (Hermit) on Feb 25, 2007 at 16:47 UTC
    Thanks, this makes sense and I will likely end up using it like this. I was wondering if there are any drawbacks to compressing first - e.g. if an attacker could perhaps exploit any patterns that gzip/bzip2 may produce?


      Very unlikely. Encryption will add entropy to the entropy making it somewhat more difficult to crack than just encrypted text.
      That's what salting is for.