Passwords and encryption
The password encryption in ZIP/ARJ/RAR/ACE is very strong, and if the password is long enough and well selected, there is no way to recover it in a reasonable time. In most cases, only brute-force and dictionary attacks are available.
A dictionary attack is the most effective one – with it, the program tries every word in a dictionary (wordlist) until the password is found. This method is popular because it is well known that many people use common words as passwords. Dictionaries with hundreds of thousands of words, as well as specialist, technical and foreign-language dictionaries, are available, as are lists of thousands of strings that are often used as passwords, such as "qwerty", "abcdef" etc.
If you have completed a dictionary attack, but some passwords still have not been recovered, you have to follow up with a brute-force attack. In this attack, the program tries to guess the password by trying every single combination of characters until the password is found. For example, the program might follow a sequence like this:
until the password is found. Obviously, this method will take time: for an eight-character alpha password there are 200 billion combinations to be checked. But with modern computers this sort of attack doesn't take as long as you might think. The brute-force attack is the slowest method of password attack, but can often be successful on short and simple passwords.
There are also some special notes about every file format.
There are a few different encryption algorithms for ZIP archives. ARCHPR supports two of them: the traditional PKWARE encryption (used in most ZIP-compatible compression utilities; see Application Notes - .ZIP File Format Specification) and Advanced Encryption Technology (used in WinZip starting from version 9.0).
For archives that use traditional encryption, ARCHPR's recovery speed is about 15 million passwords per second (on a Pentium 4 CPU), so the "practical limit" for a brute-force attack is about 10 characters. In addition, the "known-plaintext" attack is available: in most cases it doesn't recover the password, but it lets you obtain the encryption keys, so the archive can be decrypted without the password. This attack usually takes 10-15 minutes (and the time does not depend on the password length). Unfortunately, it is not always applicable.
Also, due to a weakness in the WinZip (versions up to 8.0) implementation of the ZIP encryption algorithm, guaranteed recovery is available for many WinZip archives (with 5 or more encrypted files). As with the known-plaintext attack, ARCHPR finds the decryption keys, so the password is not even needed. This attack is also very fast and takes at most a few hours (in most cases – 15-20 minutes).
For ZIP files with advanced encryption technology, known-plaintext attack is not available, and brute-force attack works at just a few hundred passwords per second.
ARJ encryption is simpler than ZIP encryption. In addition to brute-force and dictionary attacks, the known-plaintext attack is also supported; in contrast to ZIP, it recovers the password instead of just decrypting the file. The practical limit for a brute-force attack is 7-8 characters.
For RAR 2.0..2.8 archives, ARCHPR can try a few thousand passwords per second. RAR 2.9/3.x encryption is even better (see UnRAR sources for details) – recovery speed is extremely low, just a few passwords per second. So for such archives, a brute-force attack is almost useless, and only a dictionary attack is more or less effective.
For ACE 1.x archives, the speed is just a few hundred passwords per second. ACE 2.x archives are not supported at all. The reason is that the ACE 2.x decompression algorithm is proprietary (i.e. source code is not available); we have tried to implement password testing through unacev2.dll shipped with WinACE, but unfortunately it contains many bugs that cause unexpected crashes – even WinACE itself crashes on some valid archives when a particular password is supplied. Please don't ask us to add ACE 2.x support – we will not do that until the decompression algorithm is publicly available, or at least the above-mentioned DLL is free of bugs.
(c) 2008 ElcomSoft Co.Ltd.