TIL XZ has built-in checksumming (and now threaded decompression?) (lemmy.ml)

submitted 1 year ago by JuxtaposedJaguar@lemmy.ml to c/opensource@lemmy.ml

8 comments fedilink hide all child comments

I need to transport multiple very large files over an unstable and untrusted network, and the file contents are outputted as a data stream. I wanted to use OpenSSL for streaming authenticated encryption, but they purposefully don't support that and are preachy about it.

Well, it turns out that XZ has checksumming built-in! It even has different algorithms (CRC32, CRC64, and SHA256). It's part of the same file, within/before the encryption, and automatically verified by the decompression tool. I'm already using XZ for compression before encryption, so this is just super convenient and useful. Also, it seems like XZ supports threaded decompression now, when it didn't before. Thanks XZ devs!

you are viewing a single comment's thread
view the rest of the comments

[-] lemann@lemmy.one 9 points 1 year ago

Wouldn't be possible afaict, the encryption masks the xz archive which contains the checksum metadata. If the data is modified, decryption & extraction will simply fail.

The data will be undecipherable to a mitm anyway since it's encrypted, the only real risk imo would be someone modifying the encrypted data in transit to attempt a zero day targeting the decryption process... chances of which are probably really low lol

this post was submitted on 19 Nov 2023

37 points (97.4% liked)

Open Source

31358 readers

224 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

Cloak@lemmy.ml

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml