Winzip Encrypted File

[LLXX]

It would be fun if we all had Government resources. They would be able to crack it, but don't expect them tell you how.

Definitely not a 256-bit key, unless there was a flaw in the algorithm itself. They have been rumored to be able to bruteforce 64-bit keys though.

[HLDoom32768]

One question....

Is the file actually encrypted or does it just have a password on it?

Oh wow, I guess I didn't think about that. I selected the little check box in Winzip that says "Encrypt and add files" and then I added the password. I really don't know much about encryption and such, so I guess maybe it is only password protected? I'm not sure, but it does say "encrypt and add files" so I'm not sure...

I think the archive is just password protected. After some good searching I found an application that may do it for you.

It does brute force, dictionary attack and known plain-text.

http://www.elcomsoft.com/archpr.html

Do you have any ideas of wich characters were used while entering the password? It would help cracking it.

hey, thanks a lot, I'll try out that program. Thanks a ton, I hope it works...

I think that the first letter might have been capital, but I really can't remember. I am pretty sure it was like 20 characters long with no numbers though. I am ALMOST positive that it does not have any numbers, but I'm not sure if it might have a capital letter or two in it, but I doubt more then two or three capital letters, and if it does have a capital letter, I am pretty sure one of them is the first letter...

[nmX.Memnoch]

If it's encrypted instead of password protected then your chances of cracking the file are much less. If just just uses ZIP 2.0 encryption you might be able to...but if it used 256-bit, or even 128-bit, AES encryption then you can pretty much forget it.

The "password" on the encryption is really called a passphrase (also called passkey, or just key) that's encoded with the encryption that tells WinZip you have access to decrypt the file.

http://csrc.nist.gov/CryptoToolkit/aes/

http://csrc.nist.gov/CryptoToolkit/aes/aesfact.html

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

16. What is the chance that someone could use the "DES Cracker"-like hardware to crack an AES key?

In the late 1990s, specialized "DES Cracker" machines were built that could recover a DES key after a few hours. In other words, by trying possible key values, the hardware could determine which key was used to encrypt a message.

Assuming that one could build a machine that could recover a DES key in a second, then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.

Edited March 25, 2006 by nmX.Memnoch