A Fictional Compression Metric Moves Into the Real World

It seems that someone would have come up with such a metric by now. But, says Weissman, “there are two communities: the practitioners, who care about running time, and the theoreticians, who care about how succinctly you can represent the data and don’t worry about the complexity of the implementation.” As a result of this split, he says, no one had yet combined, in a single number, a means of rating both how fast and how tightly an algorithm compresses.

Misra came up with a formula (photo above) incorporating both. Along with existing benchmarks, the formula creates a metric that the show writers tagged the “Weissman Score.” It’s not a fictional metric: although it didn’t exist before Misra created it for the show, it works and may soon find use in the real world.

via A Fictional Compression Metric Moves Into the Real World – IEEE Spectrum.

Crack in Internet’s foundation of trust allows HTTPS session hijacking

The technique exploits web sessions protected by the Secure Sockets Layer and Transport Layer Security protocols when they use one of two data-compression schemes designed to reduce network congestion or the time it takes for webpages to load. Short for Compression Ratio Info-leak Made Easy, CRIME works only when both the browser and server support TLS compression or SPDY, an open networking protocol used by both Google and Twitter. Microsoft’s Internet Explorer, Google’s Chrome and Mozilla’s Firefox browsers are all believed to be immune to the attack, but at time of writing smartphone browsers and a myriad of other applications that rely on TLS are believed to remain vulnerable.

via Crack in Internet’s foundation of trust allows HTTPS session hijacking | Ars Technica.

A side effect of compression, security experts have long known, is that it leaks clues about the encrypted contents. That means it provides a “side channel” to adversaries who have the ability to monitor the data. A research paper published in 2002 by John Kelsey looks eerily similar to CRIME, but only in retrospect.
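
The length leak described above, as an added example that is not from the quoted articles: it compresses a request that mixes caller-influenced text with a secret header, then compares the record sizes an on-path observer would see with compression on and with it off (the mitigation). The cookie value, host name, wrong guess and fixed encryption overhead are constructed assumptions.

```python
import zlib

# Constructed sample values; nothing here comes from the quoted articles.
SECRET_COOKIE = b"7f3a9c1e5b2d4860"
TAG_OVERHEAD = 16  # assumed fixed per-record overhead added by encryption


def build_request(reflected: bytes) -> bytes:
    """One HTTP request mixing caller-influenced text with a secret header."""
    return (
        b"GET /search?q=" + reflected + b" HTTP/1.1\r\n"
        b"Host: example.test\r\n"
        b"Cookie: session=" + SECRET_COOKIE + b"\r\n\r\n"
    )


def record_length(request: bytes, compress: bool) -> int:
    """Size an on-path observer sees for one encrypted record.

    Encryption hides content but not size, so the observable length is
    modelled as payload length plus a constant.
    """
    payload = zlib.compress(request, 9) if compress else request
    return len(payload) + TAG_OVERHEAD


def length_gap(compress: bool) -> int:
    """Observed size difference between a wrong and a correct reflected value."""
    right = b"Cookie: session=" + SECRET_COOKIE
    wrong = b"Cookie: session=" + b"e1b84d6025c9a3f7"  # same length, other value
    return (record_length(build_request(wrong), compress)
            - record_length(build_request(right), compress))


if __name__ == "__main__":
    # With compression the correct value deduplicates against the secret and
    # the record shrinks; without compression both records are the same size.
    print("gap with compression enabled :", length_gap(True))
    print("gap with compression disabled:", length_gap(False))
```

A non-zero gap with compression enabled is the side channel; the zero gap with it disabled is why turning off TLS-level compression closes this particular leak.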