Advertisement

ZIP Attacks with Reduced Known Plaintext

  • Michael Stay
Conference paper
First Online:
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2355)

Abstract

Biham and Kocher demonstrated that the PKZIP stream cipher was weak and presented an attack requiring thirteen bytes of plaintext. The deflate algorithm “zippers” now use to compress the plaintext before encryption makes it difficult to get known plaintext. We consider the problem of reducing the amount of known plaintext by finding other ways to filter key guesses. In most cases we can reduce the amount of known plaintext from the archived file to two or three bytes, depending on the zipper used and the number of files in the archive. For the most popular zippers on the Internet, there is a fast attack that does not require any information about the files in the archive; instead, it gets doubly-encrypted plaintext by exploiting a weakness in the pseudorandom-number generator.

Keywords

Internal State Stream Cipher Linear Feedback Shift Register Plaintext Attack Correct Guess 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Download to read the full conference paper text

References

  1. [BK94]
    Biham, Eli and Paul Kocher. “A Known Plaintext Attack on the PKZIP Stream Cipher.” Fast Software Encryption 2, Proceedings of the Leuven Workshop, LNCS 1008, December 1994.Google Scholar
  2. [DL]
  3. [IZ]
  4. [K92]
    Kocher, Paul. ZIPCRACK 2.00 Documentation. 1992. http://www.bokler.com/bokler/zipcrack.txt
  5. [PKZ]
  6. [PGP98]
    User’s Guide, Version 6.0. Network Associates, Inc., 1998. p. 145. http://www.nai.com
  7. [WZ]

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Michael Stay
    • 1
  1. 1.AccessData Corporation2500 N. UniversityProvo

Personalised recommendations

Cite paper