On Wed, March 18, 2009 02:30, Dag Nygren wrote:
> tisdag 17 mars 2009 19:26:16 skrev  Stan Horwitz:
>> On Mar 17, 2009, at 1:19 PM, psoni wrote:
>
>> > Does encryption automatically disable compression on the tape ?
>>
>> Since EAS encryption takes every byte of data and expands it from one
>> byte to 256 bytes, then yes, you lose compression.
>
> This is strictly speaking not true. The data itself is not expanded, but
> it is
> "obfuscated", thus creating a result where you really don't find much
> common sequences, which compression uses for it to work.

AES works in 128-bit blocks; if the data in question is less than 128 bits
in length it is padded. The blocks are the same size regardless of whether
you use 128-, 192-, or 256-bit encryption keys.

The algorithm takes in 128 bits of data (clear-text) and spits out 128
bits of what looks like random noise (cipher-text). Since it is random
(more or less), it is impossible for any kind of compression to work on
it. The same sequence of bytes appearing in different parts of the stream
/ file will have completely different outputs after they go through AES.

The new tape drives that do encryption right in the hardware run the data
through the compression component /before/ the encryption component.

Hopefully if you use the compressasm and aesasm at the same time, the
compression is done first, and then that is encrypted. Of course you're
probably using more CPU if you specify both ASMs than if you used only one
of them.

If you're sending encrypted data to a tape drive then you lose the ability
to compress it, but (as Dag Nygren mentions) it does not expand in any
way.

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER