Alfonso De Gregorio | 28 Sep 2001 17:05

Data redundancy and cryptanalytic attacks


Hi Terry, hi Peter,

I've read with interest both your drafts.

However, reducing data redundancy does not necessarily mean reducing
opportunities to perform cryptanalytic attacks.

At Crypto, John Kelsey gave a rump session talk on his research
on how compression and encryption might interact to reduce security.

Chosen-plaintext and plaintext-only attacks become possible
at least when lossless compression algorithms leak data about
their input in the size of their output.

Some tests have been carried out with encryption algorithms
that preserve length (e.g. RC4).
This kind of attack does not necessarily also affect other
encryption algorithms; however, this research certainly shows
how this field has not been studied sufficiently.
In my opinion, data encryption should not be considered in all
cases a good practice to avoid cryptanalytic attacks unless
further research is made on the subject
(for more information see also "Compression side channel" on
cryptography <at> wasabisystems.com).

(BTW: Terry, the new version of Peter's draft is available at the ID
archive).

regards,
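
The length leak discussed in the message above, as an added illustration that is not part of the original post or of the research it cites: two constructed plaintexts of equal length are compressed and then encrypted with a length-preserving cipher (RC4, because the message names it), and the ciphertext lengths are compared with and without padding. The key, the sample inputs, the `observed_length` helper and the 512-byte bucket are assumptions made for the example.

```python
import hashlib
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4, used only because the message names it as a length-preserving cipher."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:  # keystream generation and XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def observed_length(key: bytes, plaintext: bytes, bucket: int = 0) -> int:
    """Compress, optionally pad to a multiple of `bucket`, encrypt; return wire length.

    Hypothetical helper: the zero padding is only there to measure lengths; a real
    format would also carry the compressed length so the padding can be removed.
    """
    compressed = zlib.compress(plaintext, 9)
    if bucket:
        compressed += b"\x00" * (-len(compressed) % bucket)
    return len(rc4(key, compressed))

# Constructed sample inputs of identical length (256 bytes each).
KEY = b"constructed-demo-key"
REDUNDANT = b"A" * 256
LOW_REDUNDANCY = b"".join(hashlib.sha256(bytes([n])).digest() for n in range(8))

if __name__ == "__main__":
    for name, msg in (("redundant", REDUNDANT), ("low redundancy", LOW_REDUNDANCY)):
        print(f"{name:15} plain={len(msg)} wire={observed_length(KEY, msg)} "
              f"padded={observed_length(KEY, msg, bucket=512)}")
```

Bucket padding only coarsens the signal: inputs whose compressed sizes fall on different sides of a bucket boundary remain distinguishable by length.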