Abstract
Originally written to provide the file compression feature, computer software such as WinRAR and WinZip now also provide encryption features due to the rising need for security and privacy protection of files within a computer system or for sharing within a network. However, since compression has been much in use well before users saw the need for security, most are more familiar with compression software than they are with security ones. Therefore, encryption-enabled compression software such as WinRAR and WinZip tend to be more widely used for security than a dedicated security software. In this paper, we present several attacks on the encryption feature provided by the WinRAR compression software. These attacks are possible due to the subtlety in developing security software based on the integration of multiple cryptographic primitives. In other words, no matter how securely designed each primitive is, using them especially in association with other primitives does not always guarantee secure systems. Instead, time and again such a practice has shown to result in flawed systems. Our results, compared to recent attacks on WinZip by Kohno, show that WinRAR appears to offer slightly better security features.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Anderson, R.: Security Engineering – a guide to Building Dependable Distributed Systems. Wiley, USA (2001)
Bellare, B., Namprempre, C.: Authenticated encryption—relations among notions and analysis of the generic composition paradigm. In: Proceedings of Asiacrypt '00, LNCS 1976. pp. 531–545. Springer-Verlag, Germany (2000)
Biham, E., Kocher, P.: A known plaintext attack on the PKZIP Stream cipher. In: Proceedings of Fast Software Encryption '94, LNCS 1008. pp. 144–153. Springer-Verlag, Germany (1994)
Fischlin, M.: Fast verification of hash chains. In: Proceedings of CT-RSA '04, LNCS 2964. pp. 339–352. Springer-Verlag, Germany (2004)
Freeware Hex Editor XVI32, version 2.51. Available at http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm
Gladman, B.: A specification for the AES algorithm. (2003) Available at http://fp.gladman.plus.com/cryptography_technology/rijndael/spec.v37.pdf.
Kelsey, J.: Compression and information leakage of plaintext. In: Proceedings of Fast Software Encryption '02, LNCS 2365. pp. 263–276. Springer-Verlag, Germany (2002)
Kelsey, J., Schneier, B., Wagner, D.: Protocol interactions and the chosen protocol attack. In: Proceedings of International Workshop on Security Protocols '97, LNCS 1361. pp. 91–104. Springer-Verlag, Germany (1997)
Kohno, T.: Attacking and repairing the WinZip encryption scheme. In: Proceedings of ACM Conference on Computer and Communications Security (ACM-CCS '04). pp. 72–81. ACM (2004)
Kohno, T.: Analysis of the WinZip encryption method. (2004). Cryptology ePrint Archive Report 2004/078. Available at http://eprint.iacr.org/2004/078. Full version of 9
NIST: AES page. Available at http://www.csrc.nist.gov/ CryptoToolkit/aes
RARlab: WinRAR Archiver. (2005). RAR—What's New in the Latest Version. Available at http://www.rarlab.com/rarnew.htm
RARlab: WinRAR—at a Glance. (2005) Available at http://www.win-RAR.com/rarproducts.html
RARlab: WinRAR - Version History. (2005) Available at http://www.rararchiver.com/WinRARVersions.asp#300
Stay, M.: ZIP attacks with reduced known plaintext. In: Proceedings of Fast Software Encryption '01, LNCS 2355. pp. 124–134. Springer-Verlag, Germany (2001)
Stefanek, S.: C++ Implementation of Rijndael (2004)
Storer, J.A., Szymanski, T.G.: Data Compression via textural substitution. J. ACM 29(4), 928–951 (1982)
Symantec Corp: Norton SystemWorks 2005. Available at http://www.symantec.com/sabu/sysworks/basic/features.html
WinZip Computing, Inc. What's New in WinZip 9.0. (2005). Available at http://www.winzip.com/whatsnew90.htm
Author information
Authors and Affiliations
Corresponding author
Additional information
Gary S.-W. Yeo completed his B.Eng in Electronics & Computer Systems in the first half of 2005, and is currently working as an electronics engineer with a semiconductor fab facility.
Raphael C.-W. Phan is currently Director of the Information Security Research (iSECURES) Laboratory at the Swinburne University of Technology (Sarawak Campus) – SUTS, Kuching, Malaysia. Raphael researches on cryptography, cryptanalysis, authentication and key exchange protocols, smart card security, hash functions and digital watermarking. His work has been published in refereed journals published by IEE, IEEE, Elsevier Science and US Military Academy; and in internationally refereed cryptology conferences published by Springer-Verlag, Germany. He is referee for several IEEE journals on the area of information security. He is General Chair of Mycrypt '05 and Asiacrypt '07, Program Chair of the International Workshop on Information Security & Hiding (ISH '05), and technical Program Committee member of Mycrypt '05, the International Conference on Information Security & Cryptology (ICISC '05) and International Conference on Applied Cryptography & Network Security (ACNS '06).
Rights and permissions
About this article
Cite this article
Yeo, G.SW., Phan, R.CW. On the security of the WinRAR encryption feature. Int. J. Inf. Secur. 5, 115–123 (2006). https://doi.org/10.1007/s10207-006-0086-3
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-006-0086-3