Security: WinZip And WinRAR
Passwords don’t directly unlock encrypted files. You need to generate a decryption key from the original password, and that's exactly what we've been doing over the past several pages. This is the bottleneck for brute-force attacks. Key derivation accounts for 99% of the recovery process, so throwing the right amount of hardware at that brick wall is really the only way to chisel it down.
While WinZip and WinRAR both use SHA-1 transformations to derive keys, the mechanism is a little different for each program. WinZip is based on PBKDF2 (Password-Based Key Derivation Function 2.0), and it uses 2002 SHA-1 transformation invocations to generate a key. However, this value is constant for any password length (up to 64 characters), which is why a 10-character password is just as easy to defeat with AES-256 as it is with AES-128.
In comparison, WinRAR uses its own key derivation scheme that requires (password length * 2 + 11)*4096 SHA-1 transformations. That’s why it takes longer to brute-force attack encrypted WinRAR archives.
|2 x GeForce GTX 570 SLI|
|Brute-Force Attack In Passwords Per Second||Parallel Password Recovery||Accent Password Recovery|
|Compression: Zip Encryption: AES-128||495 133||513 936|
|Compression: Zip Encryption: AES-256||496 244||513 880|
|Compression: RAR Normal Encryption: AES-128||13 904||14 605|
As a practical matter, you’re much more likely to forget your own password than to have your encrypted file fall into the hands of someone with too much time and hardware. Even if that person did have the best desktop hardware available, the maximum crunch time to find a nine-character password for an AES-128-encrypted file in WinZip already exceeds 1000 years. However, your prospects of password recovery are decent if you have a general recollection of what your password might be.
For example if you know the following about a 10-character ASCII password:
- Starts with e
- Ends with a
- Contains no capital letters
- Contains one !
- Contains none of the following letters: B, C, D, Q, T, U, V, W, X, Y, Z
You would only need to search through 1 trillion possible passwords instead of 205 trillion. That’s a realistic task with a pair of GeForce GTX 570s. If you’re using WinRAR, you almost have no hope of password recovery, unless your password is short.