ZIP Attacks with Reduced Known Plaintext

  • Michael Stay
Conference paper

DOI: 10.1007/3-540-45473-X_10

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2355)
Cite this paper as:
Stay M. (2002) ZIP Attacks with Reduced Known Plaintext. In: Matsui M. (eds) Fast Software Encryption. FSE 2001. Lecture Notes in Computer Science, vol 2355. Springer, Berlin, Heidelberg


Biham and Kocher demonstrated that the PKZIP stream cipher was weak and presented an attack requiring thirteen bytes of plaintext. The deflate algorithm “zippers” now use to compress the plaintext before encryption makes it difficult to get known plaintext. We consider the problem of reducing the amount of known plaintext by finding other ways to filter key guesses. In most cases we can reduce the amount of known plaintext from the archived file to two or three bytes, depending on the zipper used and the number of files in the archive. For the most popular zippers on the Internet, there is a fast attack that does not require any information about the files in the archive; instead, it gets doubly-encrypted plaintext by exploiting a weakness in the pseudorandom-number generator.

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Michael Stay
    • 1
  1. 1.AccessData Corporation2500 N. UniversityProvo

Personalised recommendations