Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Different size output on same input with Twofish?
kyle at carefree
Apr 7, 2000, 8:00 AM
Post #1 of 3 (751 views)
Permalink
I have a large cpio file:

-rw------- 1 kyle root 510725120 Sep 26 1998 longshot-usr.cpio

I encrypted and signed it twice with the same options:

-rw------- 1 kyle kyle 179852840 Apr 6 21:09 longshot-usr-2.cpio.gpg
-rw------- 1 kyle kyle 179682409 Apr 7 04:05 longshot-usr-3.cpio.gpg

The options were:

-z 9 --cipher-algo TWOFISH -esr kyle

I also have these options in .gnupg/options:

load-extension ~/.gnupg/idea
load-extension ~/.gnupg/rsa
# Always encrypt for me.
encrypt-to 2A94C484
no-secmem-warning
keyserver pgp.ai.mit.edu
keyring pubring.gpg
keyring debian-keyring.gpg

I'm wondering whether it's normal to compress and encrypt the same
input and get such different output. I wouldn't expect to get byte-by-byte
the same output, but I also wouldn't expect a 150K size difference. I've
checked both files, and they seem to be the same once I unencrypt them.
Their signatures check out, and when I dump them to 'cpio -tv', I get the
same file list.
If this IS normal, I'm curious about why it happens, but mostly I
just want to know that there's nothing wrong with these files.

Please Cc: me any replies since I'm not subscribed to the list.
Thank you.
--
Kyle Hasselbacher All computers wait at the same speed.
kyle@toehold.com
Re: Different size output on same input with Twofish? [ In reply to ]
Alain.Ennis at eircom
Apr 7, 2000, 2:55 PM
Post #2 of 3 (738 views)
Permalink
Kyle Hasselbacher wrote:

> I have a large cpio file:
> -rw------- 1 kyle root 510725120 Sep 26 1998 longshot-usr.cpio
> I encrypted and signed it twice with the same options:
> -rw------- 1 kyle kyle 179852840 Apr 6 21:09 longshot-usr-2.cpio.gpg
> -rw------- 1 kyle kyle 179682409 Apr 7 04:05 longshot-usr-3.cpio.gpg

Hi, I may open my mouth too early as I am not very knowledgeable in the area,
but isn't there a time stamp with every signature (meaning the time when it was
encrypted) ?
If so, that would :
1/ change the data
2/ hence change the encryption and compression you can get out of it (you're
using gzip -9)

Best regards,
Alain.
Re: Different size output on same input with Twofish? [ In reply to ]
johanw at vulcan
Apr 8, 2000, 1:51 AM
Post #3 of 3 (735 views)
Permalink
You, Kyle Hasselbacher, wrote:

> I'm wondering whether it's normal to compress and encrypt the same
> input and get such different output.

Yes, it is. The file is encrypted with the symmetric algorithm with a
session key that is generated by a pseudo-random generator. This session
key is also encrypted and stored with the message.

This does not always preserve file size. 150kb is much, but considering the
size of the files you're encrypting its relatively small.

If you just encrypt them conventionally the output should be always
identical.

--
ir. J.C.A. Wevers // Physics and science fiction site:
johanw@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal