International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Analysis of the WinZip encryption method

Authors:
Tadayoshi Kohno
Download:
URL: http://eprint.iacr.org/2004/078
Search ePrint
Search Google
Abstract: WinZip is a popular compression utility for Microsoft Windows computers, the latest version of which is advertised as having "easy-to-use AES encryption to protect your sensitive data." We exhibit several attacks against WinZip's new encryption method, dubbed "AE-2" or "Advanced Encryption, version two." We then discuss secure alternatives. Since at a high level the underlying WinZip encryption method appears secure (the core is exactly Encrypt-then-Authenticate using AES-CTR and HMAC-SHA1), and since one of our attacks was made possible because of the way that WinZip Computing, Inc.~decided to fix a different security problem with its previous encryption method AE-1, our attacks further underscore the subtlety of designing cryptographically secure software.
BibTeX
@misc{eprint-2004-12051,
  title={Analysis of the WinZip encryption method},
  booktitle={IACR Eprint archive},
  keywords={applications / WinZip, Zip, compression, encryption, applied cryptography, attacks, security fixes.},
  url={http://eprint.iacr.org/2004/078},
  note={ tkohno@cs.ucsd.edu 12547 received 12 Mar 2004, last revised 9 May 2004},
  author={Tadayoshi Kohno},
  year=2004
}