Does GNU GPG compress by default?

linux gnupg

22,153

Yes.

If compression-use can be specified by the --compress-algo name option and the default is to 'ZIP'. The default compression level is '6':

--compress-algo n Use compress algorithm n.

Default is 2 which is RFC1950 compression. You may use 1 to use the old zlib version (RFC1951) which is used by PGP. The default algorithm may give better results because the window size is not limited to 8K. If this is not used the OpenPGP behavior is used, i.e. the compression algorithm is selected from the preferences; note, that this can't be done if you do not encrypt the data.

You might also want to read http://www.ietf.org/rfc/rfc4880.txt to get an idea of what GPG actually does (point 2.3 and 9.3 describe compression).

22,153

Alex

Updated on September 18, 2022

Comments

Alex 9 months

According to docs you can use -z and --compress-level etc but does not specify if you omit -z or other ...-level params if it still compresses.
akira about 11 years

by using --compress-algo 0 or --compress-algo none. why would you want to not use compression, btw?
Alex about 11 years

when the goal is to encrypt only, not to compress (e.g. for performance improvements or when the encrypted data is already compressed)
Alex about 11 years

just tested --compress-also none works (actually -z 0 also works, at the time I did not test properly)
foo about 6 years

Do not remove compression for some imaginary performance improvement. It lowers security not to have compression. The more predictable the content of a message is, the easier it is to attack it. Compression reduces this predictability a lot.
Thorsten Schöning about 6 years

How can known, standardized compression algorithms reduce predictability? The content is unknown in both cases, as it is encrypted. If you know the kind of encrypted content, you still know that for an applied compression algorithm as well.
Thorsten Schöning about 6 years

Additionally, GPG itself might decide to not compress by default if it's less likely to provide any benefits: superuser.com/a/621126/308859
ThorSummoner over 5 years

@foo is it not fine to compress the data yourself in advance?
foo over 5 years

@ThorSummoner: serves same purpose, but headers might be an issue - known bytes at fixed position make attacks easier.
foo over 5 years

@ThorstenSchöning compression increases local entropy. en.wikibooks.org/wiki/Data_Compression/Order/Entropy - For example, an HTML page has a lot of predictable and recurring content, as do XML document formats. This helps attackers. Compression is a partial remedy for this.
zypA13510 over 2 years

@foo On the contrary, compression before encryption actually decreases security, albeit maybe only slightly. See this Q&A from Security.SE, here I quote, Encryption leaks data length: for any given input message, the encrypted output will have a length which will be close to that of the input message. Compression does not qualitatively change this issue, but it can worsen it. Compression makes data length dependent on data contents, so it can leak extra information.