Email: Password: Remember Me | Create Account (Free)

Back to Subject List

Old thread has been locked -- no new posts accepted in this thread
???
03/23/08 05:46
Read: times


 		 #152454 - ZIP encryption has been broken...
Responding to: ???'s previous message
"Classic" ZIP encryption has been broken for 14 years. See: http://cypherpunks.venona.com/date/1994...00566.html

This technique uses known plaintext, which is usually easy to get if there are a lot of encrypted files in the ZIP. It's a practical attack, and is included in a lot of the password recovery packages. I have personally used this technique to decrypt ZIP archives (to show management that ZIP encryption really is broken).

Since May 2003 WinZIP 9.0 has supported AES encryption, which is presumably breakable by password bruteforce only (if implemented properly). However, I'm not sure if this new encryption is widely supported by other ZIP tools.


List of 36 messages in thread
TopicAuthorDate
Data Recovery            01/01/70 00:00      
   I wouldn't            01/01/70 00:00      
      Junk it, or Call the experts            01/01/70 00:00      
         seagate            01/01/70 00:00      
            Get Started Today            01/01/70 00:00      
               Robocopy            01/01/70 00:00      
               revive the faulty FAT32            01/01/70 00:00      
                  Probably not worth the energy            01/01/70 00:00      
                     Backup            01/01/70 00:00      
                        Backup Utility?            01/01/70 00:00      
                           I use none            01/01/70 00:00      
                           Backup techniques            01/01/70 00:00      
                        I suspect its reliablity            01/01/70 00:00      
                           Online backup            01/01/70 00:00      
                              I found 100 mbps too slow ...            01/01/70 00:00      
                                 Online backups            01/01/70 00:00      
                                    Thta would probably work, but, if there's a crash            01/01/70 00:00      
                                       My understanding of online services            01/01/70 00:00      
                                          RE: a significant section of code that I wouldn't            01/01/70 00:00      
                                 ADSL Internet speeds            01/01/70 00:00      
                              How secure are ZIP passwords?            01/01/70 00:00      
                                 How secure are ZIP passwords?            01/01/70 00:00      
                                    Unless            01/01/70 00:00      
                                 ZIP encryption has been broken...            01/01/70 00:00      
   R-Studio            01/01/70 00:00      
   too late            01/01/70 00:00      
      Interesting            01/01/70 00:00      
         do not recall exactly, but we used ....            01/01/70 00:00      
            What I found ... some time ago ...            01/01/70 00:00      
               Absolutely            01/01/70 00:00      
                  Did you read the instructions first?            01/01/70 00:00      
               Linux            01/01/70 00:00      
   Two points            01/01/70 00:00      
      I totally agree with testing            01/01/70 00:00      
         Dangers with portable drives            01/01/70 00:00      
      Just two points about backups...            01/01/70 00:00      

Back to Subject List