Compression support- zstd, &c

[Jason A. Donenfeld]

Hi Rektide,

On Fri, Dec 30, 2016 at 7:09 AM, rektide <rektide at voodoowarez.com> wrote:
> Greetings. Compression would be a great feature for WireGuard & it's roadmap. Perhaps the latest high compression & high throughput, very tuneable Zstd from Cyan4793? I think it'd make a fine complement to the other very nice modern technologies WireGuard has adopted.
> http://facebook.github.io/zstd/
>
> IPSec has a decent if not very modern history of compression with deflate, lzs, and lzjh support via IP Compression packets. That shows that there's some precedent for this feature. More recently OpenVPN has added LZ4 support.
>
> I want to throw on a feature request- compression. It'd be great to get free compression across the tunnel. OpenVPN recently added LZ4 compression. I personally would love to see Zstd supported. Seeing compression added to your roadmap would be immensely satisfying for me,
> I'd point to the author of both LZ4 and Zstd- Cyan4973-'s post introducing Zstd for more info the tradeoffs between these and others (Snappy, lzo, &c), which boil down to CPU usage and compression ratio,
> http://fastcompression.blogspot.com/2015/01/zstd-stronger-compression-algorithm.html

That's an interesting idea. The first concern that immediately comes
to mind is data leakage and CRIME-like compression attacks. We'd have
to tread very carefully in order to do this right. Is there a
particular implementation strategy for this you have in mind?
Historically adding compression to crypto protocols has been quite
risky.

> This would make a huge difference for me while I am tethered to cellular.

Do you have any metrics on what kind of difference? I've never tried
out the effects of compression on cellular links. Is it immediately
noticeable in some obvious way?

Jason