How to Recover a Zip Password
PKZip utilizes a proprietary stream cipher that is vulnerable to a known plaintext attack, as Eli Biham and Paul C. Kocher describe in A Known Plaintext Attack on the PKZIP Stream Cipher.
In ZIP Attacks with Reduced Known-Plaintext, Michael Stay describes an improved known plaintext attack that works against archives created by non-PKZip zip programs such as InfoZip, WinZip, and NetZip. The Stay attack requires the Zip archive to contain a minimum of five files.
In addition to these two attacks, it is also possible to recover a Zip password utilizing a brute force attack or a dictionary attack.
Software to Recover a Zip Password
Several programs with varying capabilities are available to help recover a lost Zip password.
Zip Key by Passware is a commercial program that implements the Biham-Kocher and Stay attacks, as well as dictionary and brute force attacks.
FCrackZip is a free program that implements dictionary and brute force attacks.
Ultimate Zip Cracker by VDG Software is a commercial program that implements the Biham-Kocher attack, a dictionary attack, and a brute force attack.
The Password Recovery Toolkit by AccessData is a commercial program that implements the Stay attack or a dictionary attack.
Advanced Zip Password Recovery by Elcomsoft is a commercial program that implements the Biham-Kocher attack, a dictionary attack, and a brute force attack.
Advanced Archive Password Recovery by Elcomsoft is a commercial program that implements the Stay attack in addition to the capabilities of their Advanced Zip Password Recovery program.
PkCrack is a free program that implements the Biham-Kocher attack. To use PkCrack, the user needs another ZIP archive containing at least one of the files from the encrypted archive in unencrypted form. That file has to be compressed with the same compression method used for the encrypted file.
Security Enhancements in WinZip 9
WinZip 9 introduced AES encryption with 128-bit and 256-bit keys. Unless there is a flaw in the WinZip AES implementation, this should make WinZip 9 passwords significantly more difficult to recover.
Comments (3)

Is it possible to recover the password itself if both the compressed and uncompressed files are available?
There’s a free program called fcrackzip that allows you to run a suite of dictionary and brute force attacks on the zip file as the article mentions. It runs on most OSes.
There’s also an article on how to use a distributed computing model (free source code) if you wanted to expand this search using multiple computers using OS X’s Xgrid (the clients can run on Windows and Linux too). http://www.macwize.com/technical/files/xgrid_in_operation.html
Do you know of, or can you recommend, software to recover 7z archives? Strangely, I didn’t find any.
Thank you.