ZIP archiver
This archiver allows to set an archive password. Whole archive is encrypted using the specific algorithm. Each password is converted to three 32-bit keys. Two famous cryptoanalysts, Eli Biham and Paul Kocher, have analyzed this algorithm and found out that it’s possible to find the encryption keys by means a known-plaintext attack. Only 12 bytes of plaintext are needed for keys recovery. Then, we can manually decrypt the whole archive using that encryption keys. If we don’t have any plaintext, it’s possible to recover a password using a brute-force or dictionary attacks (which could be implemented very effectively on modern CPUs).
~1,5 days
282,429,521,920
8
Small letters, space
15,5 hours
111,100,002,304
8..11
Digits
13 hours
94,931,877,888
7
Digits, small letters, space
9 hours
62,523,502,592
6
Digits, small/capital, space
65 minutes
7,820,126,720
1..5
All printable
Time
Passwords
Length
Charset
Brute force speed analysis for ZIP (for P-II 350 CPU)
Applications for password recovery:
Advanced Archive Password Recovery
Advanced ZIP Password Recovery
http://www.elcomsoft.com