468,545 Members | 1,850 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,545 developers. It's quick & easy.

How safe are encrypted zip files? What if we have the unzipped form of a zipped file?

(((
I know that if we use a complicated password for zip files that has more than 8 characters, it's quite safe and can't be cracked easily...
For example, for an 8-digits complicated password (containing ABC,abc,123,!@#), it takes 83.5 days for a supercomputer to test all combinations, and 22 years for a 9-digit!!!!)
)))

But in an example, we have an encrypted zip file that contains multiple files, and we have the extracted form of one of those files

In this case and with having the original and zipped-encrypted file, can we write a program that cracks the password easily...? Not by taking months or even years to crack?

It it's possible, there will be problems; for example, a zip file may contain ""thumbs.db"" or ""desktop.ini"" files, that use almost the same pattern everywhere... and more common: every file format has its own hex pattern too!!! (For example, EF BB BF for UTF-8 text files)... and situations that we know the contents of a part of a text file... etc.
Jun 23 '14 #1

✓ answered by Rabbit

1) AES is a sufficiently strong algorithm.

2) I'm not sure what your point is. That example is answered by #4.

3,4) AES is just an algorithm. It's up to the programmers of whatever program you're using to implement it correctly. I can't tell you if the programmers implemented the algorithm correctly because only they know the ins and outs of their source code.

3 5082
Rabbit
12,513 Expert Mod 8TB
1) It depends on what algorithm the encryption uses.

2) If an attacker has the original files, there's no need to crack the password. You already have the data. Plus you shouldn't reuse passwords with a different file so even if they crack one, they can't open the others.

3) Even if they had both, a properly implemented algorithm will not allow them to figure out the key.

4) Even if you have a lot of files with the same sequence of bytes, a correctly implemented algorithm will encode those same sequences differently.
Jun 23 '14 #2
Thanks a lot!!!

1) ZIP files use symmetric-key algorithm, AES encryption.

2) Sometimes we have a part of a single file. For Example some HTML files start with:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

or PNG files start with hex code:
89 50 4E 47 0D 0A 1A 0A


3, 4) Is AES encryption a properly implemented algorithm????
Jun 24 '14 #3
Rabbit
12,513 Expert Mod 8TB
1) AES is a sufficiently strong algorithm.

2) I'm not sure what your point is. That example is answered by #4.

3,4) AES is just an algorithm. It's up to the programmers of whatever program you're using to implement it correctly. I can't tell you if the programmers implemented the algorithm correctly because only they know the ins and outs of their source code.
Jun 24 '14 #4

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

2 posts views Thread by Noud Aldenhoven | last post: by
1 post views Thread by Peted | last post: by
1 post views Thread by UniDue | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.