Slashdot Mirror


Attacking WinZip AES Encryption

bden writes "As another tidbit from Bruce Schneier's Crypto-Gram, remember back in January when WinZip was Slashdotted for moving forward with its new AES-based encryption technology? Everything sounded good since we all knew that AES is secure, right? Well, a cryptographer took a look at how WinZip uses AES and found lots of problems. Regardless of how many people actually plan to use WinZip encryption, the lesson, according to Schneier, is that "cryptography is hard, and simply using AES in a product does not magically make it secure." So how can we distinguish between an application that simply uses the right buzzwords, like AES, from an application that is actually secure?"

2 of 227 comments (clear)

  1. Re:The following is encrypted using ASS by Anonymous Coward · · Score: -1, Troll

    d2hpdGVyYW5nZXI5OXggY2FuJ3QgcmVhZCB0aGlzLCBueWFoCg ==

  2. winzip is bollox by Anonymous Coward · · Score: -1, Troll

    everyone knows winzip is gay as fucking gerry adams, so who gives a shit about the article?

    Slashdot is da bomb alright