informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/hacking/zippass.txt

165 lines
5.5 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Article 357 of sci.crypt:
Xref: vpnet comp.compression:174 sci.crypt:357
Path: vpnet!tellab5!laidbak!ism.isc.com!ispd-newsserver!rpi!crdgw1!uunet!maverick.ksu.ksu.edu!matt.ku.edu!parsons
From: parsons@matt.ksu.ksu.edu (Ghost in the Machine)
Newsgroups: comp.compression,sci.crypt
Subject: Re: Security of PKZIP's encryption
Message-ID: <1991Apr2.070810.10812@maverick.ksu.ksu.edu>
Date: 2 Apr 91 07:08:10 GMT
References: <1991Mar26.150049.20882@athena.cs.uga.edu>
Sender: news@maverick.ksu.ksu.edu (The News Guru)
Organization: Kansas State University
Lines: 135
is@athena.cs.uga.edu (Bob Stearns) writes:
>While I commonly recommend PKZIP (tm) for saving space on a hard disk, I have
>been asked how strong its encryption (-spassword) option is. I have no way of
>testing this and wonder if anyone out there in net land has investigated it.
>If you have investigated the actual code and can explain the general algorithm
>I can form my own opinion of its strength.
Here's what I found floating around on my roomates computer in the
PKzip archive file. This should help you to pass judgement on the security
of the password encryption.
DISCLAIMER: This is part of the application notes for PKZIP. Much
has been deleted about the actual compression algorithm, and only the
relevent part about password encryption remains.
Decryption
----------
The encryption used in PKZIP was generously supplied by Roger
Schlafly. PKWARE is grateful to Mr. Schlafly for his expert
help and advice in the field of data encryption.
PKZIP encrypts the compressed data stream. Encrypted files must
be decrypted before they can be extracted.
Each encrypted file has an extra 12 bytes stored at the start of
the data area defining the encryption header for that file. The
encryption header is originally set to random values, and then
itself encrypted, using 3, 32-bit keys. The key values are
initialized using the supplied encryption password. After each byte
is encrypted, the keys are then updated using psuedo-random number
generation techniques in combination with the same CRC-32 algorithm
used in PKZIP and described elsewhere in this document.
The following is the basic steps required to decrypt a file:
1) Initialize the three 32-bit keys with the password.
2) Read and decrypt the 12-byte encryption header, further
initializing the encryption keys.
3) Read and decrypt the compressed data stream using the
encryption keys.
Step 1 - Initializing the encryption keys
-----------------------------------------
Key(0) <- 305419896
Key(1) <- 591751049
Key(2) <- 878082192
loop for i <- 0 to length(password)-1
update_keys(password(i))
end loop
Where update_keys() is defined as:
update_keys(char):
Key(0) <- crc32(key(0),char)
Key(1) <- Key(1) + (Key(0) & 000000ffH)
Key(1) <- Key(1) * 134775813 + 1
Key(2) <- crc32(key(2),key(1) >> 24)
end update_keys
Where crc32(old_crc,char) is a routine that given a CRC value and a
character, returns an updated CRC value after applying the CRC-32
algorithm described elsewhere in this document.
Step 2 - Decrypting the encryption header
-----------------------------------------
The purpose of this step is to further initialize the encryption
keys, based on random data, to render a plaintext attack on the
data ineffective.
Read the 12-byte encryption header into Buffer, in locations
Buffer(0) thru Buffer(11).
loop for i <- 0 to 11
C <- buffer(i) ^ decrypt_byte()
update_keys(C)
buffer(i) <- C
end loop
Where decrypt_byte() is defined as:
unsigned char decrypt_byte()
local unsigned short temp
temp <- Key(2) | 2
decrypt_byte <- (temp * (temp ^ 1)) >> 8
end decrypt_byte
After the header is decrypted, the last two bytes in Buffer
should be the high-order word of the CRC for the file being
decrypted, stored in Intel low-byte/high-byte order. This can
be used to test if the password supplied is correct or not.
Step 3 - Decrypting the compressed data stream
----------------------------------------------
The compressed data stream can be decrypted as follows:
loop until done
read a charcter into C
Temp <- C ^ decrypt_byte()
update_keys(temp)
output Temp
end loop
In addition to the above mentioned contributors to PKZIP and PKUNZIP,
I would like to extend special thanks to Robert Mahoney for suggesting
the extension .ZIP for this software.
References:
Storer, James A. "Data Compression, Methods and Theory",
Computer Science Press, 1988
Held, Gilbert "Data Compression, Techniques and Applications,
Hardware and Software Considerations"
John Wiley & Sons, 1987
X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X
Another file downloaded from: The NIRVANAnet(tm) Seven
& the Temple of the Screaming Electron Taipan Enigma 510/935-5845
Burn This Flag Zardoz 408/363-9766
realitycheck Poindexter Fortran 510/527-1662
Lies Unlimited Mick Freen 801/278-2699
The New Dork Sublime Biffnix 415/864-DORK
The Shrine Rif Raf 206/794-6674
Planet Mirth Simon Jester 510/786-6560
"Raw Data for Raw Nerves"
X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X
Reference in New Issue View Git Blame Copy Permalink