ZIP archiver
This archiver allows to set an archive password. Whole archive
is encrypted using the specific algorithm. Each password is converted to three 32-bit
keys. Two famous cryptoanalysts,
Eli Biham and Paul Kocher, have analyzed this algorithm and found out that it’s possible to find
the encryption keys by means a known-plaintext attack. Only 12 bytes of plaintext are needed for keys
recovery. Then, we can manually decrypt the whole archive using that encryption
keys. If we don’t have any plaintext, it’s possible to recover a password using a brute-force
or dictionary attacks (which could be implemented very effectively on modern CPUs).
Digits, small letters, space
Digits, small/capital, space
Brute force speed analysis for ZIP
(for P-II 350 CPU)
Applications for password recovery: