Compression as the best way to encrypt data

WARNING: THIS DOCUMENT IS NOT INTENDED TO SHOW HOW TO BREAK, TO CRACK, TO HACK ANY ENCRYPTION PROGRAM, I, THE AUTHOR WILL NOT LIABLE FOR ANY DAMAGE CAUSED BY THIS DOCUMENT, IF ANY COMPANY OR PERSON OR A GROUP OF PERSON WANT ME TO REMOVE THIS DOCUMENT FROM THIS SITE BECAUSE IT IS AGAINST THE COMPANY REGULATION OR THIS DOCUMENT INFRINGED ANY ENCRYPTION COPYRIGHT THEN I WILL REMOVE THIS DOCUMENT AT ONCE IF I HAVE A GOOD VALID REASON TO. THIS DOCUMENT ONLY SHOWS HOW TO ENHANCES ENCRYPTION WITH COMPRESSION, NOTHING MORE.

Before I explain how and why compression is the best way to secure / encrypt data, I would like to say few words regarding this subject. I have came across people who think compression is different with encryption, therefore compression could not be any useful to secure data.
The reasons behind this are:

1. Compression has no password (ZIP has password but it is no longer secured).
2. Even though using a custom compression engine, still if the program (to compress and decompress) exist then the file is easily decompressed to get the original file.

Well, the above statements is correct, there is no doubt about it.
So, how do I be so sure that compression is the best way to encrypt / secure data ?

Again, before I explained how to do it, I will explain the current existing encryption algorithm.
There are many algorithms and many programs out there to encrypt data, but most of them use password to protect data, and the password is quite simply just string. There are weaknesses about this:

1. The password is limited to string only which means it is not a full 256 ASCII, therefore it is easily to crack.
2. The password string has a limited size, e.g.: 4 (32 bit) characters to 56 (448 bit) character.
3. I even notice that some encryption program will tell you that the password entered is invalid. This means the password is embedded in the file, and it is making more easy for hacker to find the password within the file.

I said it is easy to crack a string limited password and I believe somebody will ask me how ? especially the author of the encryption program. So I will answer it in a most stupidest way.

To crack an encrypted file which is limited to string password all we have to do is to use the encryption program and trying one at a time all the valid string then see the result. Even if the longest the string used, still it can be done. Below is the way to crack a string limited password:

1. Enter a valid string.
2. See the result.
3. If it is not correct then go to step 1, keep doing it million million times until we get a valid file content.
4. To auto decrypt the file, a simple custom program script can be use to help to enter a valid string, and save the resulted file into file array, then check the resulted file array one by one.

The above way is the most stupidest way to crack a string limited password.

I think it is enough with this explanation of how and what the weaknesses of this encryption methodology. Below I will start to show on how compression can enhances the encryption process.

There are some similarity of compression and encryption, this similarity is the reason why compression is useful as well to help to secure data.

1. Both have encoding and decoding process.
2. The key or the password is required to decrypt or to decompress the file, in a encrypted file a simple string password is required and in a compressed file a key code (flag) of how to decompress the file is required. This key code of compressed data is the value of what kind operation need to run and also the value of length, it is to determine how many bytes in a process should be processed. This is very important, if it is not exist or corrupted then it is seem quite impossible to decompress the file.

The key code of the compressed data is quite long, it has to be stored as a separate file, below is the description of the advantage and its disadvantage.

Advantage:
Because of its large size (normally) it needs to be stored in a separate file, so it is harder to crack or to rebuild the flag from just seeing the compressed file. More over, it normally contains all the 256 ASCII characters, unlike password which just simply some short string.

Disadvantage:
This is the one and only major disadvantage, because now we have two separate files, the compressed content and the key code file. We have to keep them carefully and if we need to send them to the other party we have to send to them two times, one file each time, because it is not secure to send both file at the same time (it is the same thing as sending one file), the same like asymmetric encryption, key management is very important.

This technique is simply creating the key out of the file(data), unlike other encryption method, both symmetric and asymmetric produce/generate the key before the encryption start. The new created file (contain flag to decompress) can be assume to have the same function as in the private key of asymmetric encryption. This is just an enhancement NOT a new algorithm to replace current encryption algorithm. Asymmetric encryption can be crack if someone can invented a fast math function to calculate/regenerate the key, but it is more difficult to recreate the key/flag for this compression scheme.

There is no reason NOT to apply another encryption algorithm to the resulted files, but then we have no idea of how many times is enough, it all depend on our weaknesses of keeping the key securely.

The other minor (not very important) advantage of using compression engine in the encryption is the result of smaller file, but in this case it might not be as small as in the conventional compression.

Some encryption program already put compression in it but I have not found one that implemented in this way.

The key code file can be as small as we want to, but the resulted file will not be much smaller because it means we only use a few operation. But a 4 kilobytes (one cluster size of FAT32) of key code file is quite enough to make the file small and secured.

If you have other question about this article or want to know which compression method which be use, then please contact me, I will be more than happy to explain, as I always do.