Depends on if you’re using lossless or lossy compression. Lossless compression will usually make it bigger, because it relies entirely on data being formatted so their are common patterns or elements that can be described with fewer parts. Like, an ok compression algorithm for a book written in English and stored as Unicode would be to convert it to ASCII and have a thing that will denote Unicode if there happens to be anything that can’t convert. An encrypted version of that book would look indestinguishable from random characters, so compressing it at that point would just put that Unicode denoter before every single character, making the book end up taking more space.
The problem is that when you compress before you encrypt, the file size becomes a source of data about the contents. If an attacker has control of part of the data - say - a query string, they can use that to repeatedly add things to your data and see how the size changes as a result.
So it sounds like compression before encryption should only be done in specific circumstances because it can be a security issue depending on use case, but encryption before compression should never be done because it will almost always increase the size of the file
Depends on if you’re using lossless or lossy compression. Lossless compression will usually make it bigger, because it relies entirely on data being formatted so their are common patterns or elements that can be described with fewer parts. Like, an ok compression algorithm for a book written in English and stored as Unicode would be to convert it to ASCII and have a thing that will denote Unicode if there happens to be anything that can’t convert. An encrypted version of that book would look indestinguishable from random characters, so compressing it at that point would just put that Unicode denoter before every single character, making the book end up taking more space.
The problem is that when you compress before you encrypt, the file size becomes a source of data about the contents. If an attacker has control of part of the data - say - a query string, they can use that to repeatedly add things to your data and see how the size changes as a result.
So it sounds like compression before encryption should only be done in specific circumstances because it can be a security issue depending on use case, but encryption before compression should never be done because it will almost always increase the size of the file