On the security of the WinRAR encryption feature
- First Online:
Originally written to provide the file compression feature, computer software such as WinRAR and WinZip now also provide encryption features due to the rising need for security and privacy protection of files within a computer system or for sharing within a network. However, since compression has been much in use well before users saw the need for security, most are more familiar with compression software than they are with security ones. Therefore, encryption-enabled compression software such as WinRAR and WinZip tend to be more widely used for security than a dedicated security software. In this paper, we present several attacks on the encryption feature provided by the WinRAR compression software. These attacks are possible due to the subtlety in developing security software based on the integration of multiple cryptographic primitives. In other words, no matter how securely designed each primitive is, using them especially in association with other primitives does not always guarantee secure systems. Instead, time and again such a practice has shown to result in flawed systems. Our results, compared to recent attacks on WinZip by Kohno, show that WinRAR appears to offer slightly better security features.
KeywordsCompression Encryption feature Attacks WinRAR WinZip
Unable to display preview. Download preview PDF.
- 1.Anderson, R.: Security Engineering – a guide to Building Dependable Distributed Systems. Wiley, USA (2001)Google Scholar
- 2.Bellare, B., Namprempre, C.: Authenticated encryption—relations among notions and analysis of the generic composition paradigm. In: Proceedings of Asiacrypt '00, LNCS 1976. pp. 531–545. Springer-Verlag, Germany (2000)Google Scholar
- 3.Biham, E., Kocher, P.: A known plaintext attack on the PKZIP Stream cipher. In: Proceedings of Fast Software Encryption '94, LNCS 1008. pp. 144–153. Springer-Verlag, Germany (1994)Google Scholar
- 4.Fischlin, M.: Fast verification of hash chains. In: Proceedings of CT-RSA '04, LNCS 2964. pp. 339–352. Springer-Verlag, Germany (2004)Google Scholar
- 5.Freeware Hex Editor XVI32, version 2.51. Available at http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm
- 6.Gladman, B.: A specification for the AES algorithm. (2003) Available at http://fp.gladman.plus.com/cryptography_technology/rijndael/spec.v37.pdf.
- 7.Kelsey, J.: Compression and information leakage of plaintext. In: Proceedings of Fast Software Encryption '02, LNCS 2365. pp. 263–276. Springer-Verlag, Germany (2002)Google Scholar
- 8.Kelsey, J., Schneier, B., Wagner, D.: Protocol interactions and the chosen protocol attack. In: Proceedings of International Workshop on Security Protocols '97, LNCS 1361. pp. 91–104. Springer-Verlag, Germany (1997)Google Scholar
- 9.Kohno, T.: Attacking and repairing the WinZip encryption scheme. In: Proceedings of ACM Conference on Computer and Communications Security (ACM-CCS '04). pp. 72–81. ACM (2004)Google Scholar
- 10.Kohno, T.: Analysis of the WinZip encryption method. (2004). Cryptology ePrint Archive Report 2004/078. Available at http://eprint.iacr.org/2004/078. Full version of 9
- 11.NIST: AES page. Available at http://www.csrc.nist.gov/ CryptoToolkit/aes
- 12.RARlab: WinRAR Archiver. (2005). RAR—What's New in the Latest Version. Available at http://www.rarlab.com/rarnew.htm
- 13.RARlab: WinRAR—at a Glance. (2005) Available at http://www.win-RAR.com/rarproducts.html
- 14.RARlab: WinRAR - Version History. (2005) Available at http://www.rararchiver.com/WinRARVersions.asp#300
- 15.Stay, M.: ZIP attacks with reduced known plaintext. In: Proceedings of Fast Software Encryption '01, LNCS 2355. pp. 124–134. Springer-Verlag, Germany (2001)Google Scholar
- 16.Stefanek, S.: C++ Implementation of Rijndael (2004)Google Scholar
- 18.Symantec Corp: Norton SystemWorks 2005. Available at http://www.symantec.com/sabu/sysworks/basic/features.html
- 19.WinZip Computing, Inc. What's New in WinZip 9.0. (2005). Available at http://www.winzip.com/whatsnew90.htm