Question

Why does pgp generate a signature before applying compression?

Answer 1

As a default, PGP compresses the message after applying the signature but before encryption. ... The signature is generated before compression for two reasons: (a) It is preferable to sign an uncompressed message so it is free of the need for a compression algorithm for later verification.



thanks

Answer 2

PGP ( PRETTY GOOD PRIVACY)

PGP (Pretty Good Privacy) is an encryption technique that may be used to transmit encrypted emails as well as encrypt sensitive information. PGP has established the de facto standard for email security since its inception in 1991.

GENERATING SIGNATURE IN PGP:

For two reasons, the signature is created before compression:

(1) It is ideal to sign an uncompressed message so that a compression procedure is not required for subsequent verification.

(2) Different PGP versions generate different compressed formats. After compression, using the hash function and signature would force all PGP implementations to use the same version of the compression method.

* To improve cryptographic security, message encryption is used after compression. Cryptanalysis is more difficult since the compressed message has less redundancy than the original plain text.

* ZIP is the compression algorithm that is utilized, and it is discussed in the suggested text.