Slashdot Mirror


PKWare and Winzip Reach A Secure Zip Compromise

richard_za writes "Until now the rival compression software vendors PKWare and Winzip have had different (incompatible) ways of password protecting the ZIP format. In a bid to prevent fragmentation of the standard they have agreed to have their software support opening of the other's files. They have, however, not agreed to support a single standard. PKZip's encryption is RSA-based while Winzip uses an AES approach which is fully documented here. The Register is running this story. PKWare has this press release."

14 of 219 comments

  1. Who's running PKWare by Anonymous Coward · · Score: 3, Interesting

    Since the PKZip guy killed himself?

    1. Re:Who's running PKWare by FattMattP · · Score: 3, Interesting

      Here's the rest of the story.

      --
      Prevent email address forgery. Publish SPF records for y

  2. Re:Easy to crack? by Troed · · Score: 5, Interesting

    Old zip-encryption used three internal 32-bit keys - which by today's standards is quite easy to break. You need 11 bytes (or was it 14?) of known cleartext though when searching.

    The breaking of zip-encryption was considered to be quite a feat when it happened in the middle of the 90's, if memory serves me correctly.
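The three-key cipher Troed is talking about, written out as an added Go example (not code from the thread or from either vendor): the "traditional" PKZIP stream cipher, whose entire internal state is the three 32-bit keys seeded from the password, which is why its strength is bounded by that 96-bit state and not by the password length. Constants and update rules follow PKWARE's published APPNOTE; the password and text used in the test are constructed.

```go
package main

import "hash/crc32"

// ZipCrypto is the "traditional" PKZIP cipher: three 32-bit keys, a 96-bit
// state seeded from the password (added illustration following PKWARE's APPNOTE).
type ZipCrypto struct{ k0, k1, k2 uint32 }
// crcByte: one byte into a raw CRC-32 register (no pre/post inversion), as the key schedule needs.
func crcByte(crc uint32, b byte) uint32 {
	return ^crc32.Update(^crc, crc32.IEEETable, []byte{b})
}

// NewZipCrypto starts from the fixed initial keys and runs the key schedule once per password byte.
func NewZipCrypto(password []byte) *ZipCrypto {
	z := &ZipCrypto{0x12345678, 0x23456789, 0x34567890}
	for _, c := range password {
		z.update(c)
	}
	return z
}

// update mixes one plaintext byte into all three keys (k1 wraps mod 2^32).
func (z *ZipCrypto) update(c byte) {
	z.k0 = crcByte(z.k0, c)
	z.k1 = (z.k1+(z.k0&0xff))*134775813 + 1
	z.k2 = crcByte(z.k2, byte(z.k1>>24))
}

// keystreamByte derives the next keystream byte from the low 16 bits of k2.
func (z *ZipCrypto) keystreamByte() byte {
	t := (z.k2 | 2) & 0xffff
	return byte((t * (t ^ 1)) >> 8)
}

// crypt XORs with the keystream; the key schedule is always fed the plaintext byte.
func crypt(password, in []byte, encrypting bool) []byte {
	z := NewZipCrypto(password)
	out := make([]byte, len(in))
	for i, b := range in {
		out[i] = b ^ z.keystreamByte()
		if encrypting {
			z.update(b) // plaintext is the input byte
		} else {
			z.update(out[i]) // plaintext was just recovered
		}
	}
	return out
}
func Encrypt(password, plaintext []byte) []byte  { return crypt(password, plaintext, true) }
func Decrypt(password, ciphertext []byte) []byte { return crypt(password, ciphertext, false) }
```

Because each keystream byte depends only on the three keys and the plaintext so far, the cipher has no per-file randomness of its own; the 12-byte encryption header that real ZIP writers prepend is what keeps two files under the same password from sharing a keystream.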

  3. Symmetric vs. asymmetric by kasperd · · Score: 5, Interesting

    I doubt that PKZip is based only on RSA. RSA is an asymmetric encryption. For some purposes this is nice, but it is inefficient. For that reason you almost always use asymmetric encryption together with a symmetric encryption. You generate a one time symmetric encryption key. The data is encrypted with the symmetric key, typically in CBC or CFB mode. Then only the symmetric encryption key is encrypted asymmetrically, which means much better speed.

    Actually I think this is one of the cases where there is no need for asymmetric encryption at all. So AES sounds like a better idea. Can anybody explain why PKZip uses RSA? And which symmetric cipher is it combined with?

    --

    Do you care about the security of your wireless mouse?

    1. Re:Symmetric vs. asymmetric by Anonymous Coward · · Score: 2, Interesting

      I always use asymmetric crypto in my backups.

      This way I do not have to remember or type (i.e. expose) my COMPLEX password each time I make a backup (quite often). Only when I use it (rarely).

      The time factor is irrelevant, on MOST machines, since only a password is encrypted, using GnuPG.

  4. Re:Ten years too late by f00Dave · · Score: 2, Interesting

    The issue here isn't with that sort of low level interoperability, but with the schism in the encryption standard used. I haven't checked (in true Slashdot style), but I suspect that Infozip's tool won't handle ZIPs encrypted with recent versions of PK's or WZ's software....

    --
    .f00Dave

  5. Why bother? by Ckwop · · Score: 5, Interesting

    I have PGP to encrypt the zip files.. This software has received a lot of attention and we know that it's probably okay!

    The new standard these guys may agree on will have received little public analysis when it is fielded.. Not something to trust at all!

    Simon.

  6. Re:Easy to crack? by Troed · · Score: 5, Interesting

    My passwords are usually >16 characters long, some are more than 30 (depends on the strength of the algorithm they're used in). While I agree that a lot of people use easy to guess passwords, the old zip encryption was most easily broken through the internal key - NOT by brute forcing the password. Do the math if you don't believe me ;)

    A-Z, a-z, 0-9 and a few special chars make a 24 char password contain 128 bits of entropy. That's secure enough for everyone using symmetric ciphers.

  7. Do one thing... by Ed+Avis · · Score: 4, Interesting

    I don't really see why it makes sense for zip and unzip programs to care about encryption. If you want to encrypt the whole archive, it's simple to use GPG on the whole thing. If you want encryption on a per-file basis - again, use GPG on individual files before or after archiving. This is true on Windows too, using whatever your preferred GUI encryption program might be.

    The only reason to stuff both functions into a single program seems to be the perennial problem of installing anything on Windows systems (you can't assume that an encryption tool is available) and marketing - why should users pay $20 twice for two different pieces of tacky shareware when they could pay Winzip $40 for one?

    --
    -- Ed Avis ed@membled.com

  8. Trapped by pkware! by Anonymous Coward · · Score: 4, Interesting

    A very dumb company I once worked for chose pkware to archive (and sell) many terabytes of text and images. Unfortunately this was done through a binary only pkware library (for SCO but running on Sequent).. This decision was made around '92 (when many superior alternatives were available), before my arrival.

    In the mid-90's they wanted to migrate off of their crap sequent boxes to something better.. Unfortunately, pkware refused to accommodate them by porting the library version to SGI.

    The company was in a bit of a panic as the sequent gear was no longer a viable solution. New customers and scalability problems were rapidly increasing..

    I suggested that they simply decompress on the Sequent and re-compress on the SGI with a better algorithm (source). Forget using pkware. The migration could have been automated such that customer requests resulting in a de-compress would re-file the data in the new system. Requests would check the new servers first. Pretty simple. Batch conversions could occur during off-peak times.

    Nope. Too easy. That would not have been a sufficient crisis.. People would not have looked busy enough.

    The amount of money they were offering pkware finally became sufficient for them to do a version for SGI. So they kept using pkware.

    Oh yeah.. They re-hired the guy who originally decided to use pkware (as a consultant).

  9. Unicode by Midnight+Thunder · · Score: 3, Interesting

    A little off topic, but it would be nice if they decided to start supporting unicode filenames in Zip files. With unicode becoming more common in OSs (this includes MacOS X, Linux and MS-Windows), I find it ridiculous that this doesn't even seem to be on their scopes. Well at least it seemed that way when I contacted PKware.

    --
    Jumpstart the tartan drive.

  10. Re:Ten years too late by stuffedmonkey · · Score: 2, Interesting

    Apple has absorbed zip too recently - as of OS X 10.3 zip compression is built into the OS. They look to be moving away from Aladdin's proprietary .sit format...

  11. Symmetric, asymmetric... public! by axxackall · · Score: 2, Interesting

    With gpg I can encrypt with your key even without asking you to send me your key if it's already in PKI. All I need is your ID in PKI (typically that would be your email) and "ta-da!" - my tar.gz is encrypted and sent by email to you (or published on the web for you). You don't have to know my password or to get any of my keys - instead you use just your own password to decrypt and (optionally) my ID to verify the signature.

    IMHO both PKzip and WinZip are sticking their technologies somewhere in the mid 90s, while we are living here in what? The mid 00s? Password protected archives... What's wrong with those guys? Have they ever heard about PKI?

    --

    Less is more !

  12. Ten years too early by Caractacus+Potts · · Score: 2, Interesting

    I'm not ready for Windows XP to handle my Zip files yet. I zip up files because I DON'T WANT THEM HANDLED! Does anyone here have a procedure for thoroughly disabling Windows support of Zip files? I've unregistered zipfldr.dll, but I still see them appear as folders. Somebody help me.